1. Home
  2. CVE Database
  3. CVE-2018-10599
MEDIUM · 5.3

CVE-2018-10599

IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Mater...

Vulnerability Description

IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that allows an unauthenticated attacker to read memory from an attacker-chosen device address within the same subnet.

CVSS Score

5.3

MEDIUM

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
ADJACENT_NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
PhilipsIntellivue Mp2 Firmware-
PhilipsIntellivue Mp2-
PhilipsIntellivue X2 Firmware-
PhilipsIntellivue X2-
PhilipsIntellivue Mp30 Firmware-
PhilipsIntellivue Mp30-
PhilipsIntellivue Mp50 Firmware-
PhilipsIntellivue Mp50-
PhilipsIntellivue Mp70 Firmware-
PhilipsIntellivue Mp70-
PhilipsIntellivue Np90 Firmware-
PhilipsIntellivue Np90-
PhilipsIntellivue Mx700 Firmware-
PhilipsIntellivue Mx700-
PhilipsIntellivue Mx800 Firmware-
PhilipsIntellivue Mx800-
PhilipsIntellivue Mx400 Firmware-
PhilipsIntellivue Mx400-
PhilipsIntellivue Mx450 Firmware-
PhilipsIntellivue Mx450-

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2018-10599?

CVE-2018-10599 is a vulnerability with a CVSS score of 5.3 (MEDIUM). IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Mater...

How severe is CVE-2018-10599?

CVE-2018-10599 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-10599?

Check the references section above for vendor advisories and patch information. Affected products include: Philips Intellivue Mp2 Firmware, Philips Intellivue Mp2, Philips Intellivue X2 Firmware, Philips Intellivue X2, Philips Intellivue Mp30 Firmware.