Vulnerability Description
Philips Vue PACS versions 12.2.x.x and prior does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Philips | Myvue | < 12.2.1.5 |
| Philips | Speech | < 12.2.8.0 |
| Philips | Vue Motion | < 12.2.1.5 |
| Philips | Vue Pacs | < 12.2.8.0 |
Related Weaknesses (CWE)
References
- http://www.philips.com/productsecurityVendor Advisory
- https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01MitigationThird Party AdvisoryUS Government Resource
- http://www.philips.com/productsecurityVendor Advisory
- https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01MitigationThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2021-27501?
CVE-2021-27501 is a vulnerability with a CVSS score of 7.5 (HIGH). Philips Vue PACS versions 12.2.x.x and prior does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities.
How severe is CVE-2021-27501?
CVE-2021-27501 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-27501?
Check the references section above for vendor advisories and patch information. Affected products include: Philips Myvue, Philips Speech, Philips Vue Motion, Philips Vue Pacs.