CVE-2018-5472
First published: Mon Mar 26 2018(Updated: )
Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insecure windows permissions vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Philips IntelliSpace Portal | =8.0 | |
| Philips IntelliSpace Portal | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-5472?
CVE-2018-5472 is considered to have high severity due to its potential for unauthorized access and privilege escalation.
How do I fix CVE-2018-5472?
To mitigate CVE-2018-5472, review and adjust the Windows permissions settings on affected systems.
Which versions of Philips IntelliSpace Portal are affected by CVE-2018-5472?
CVE-2018-5472 affects all versions of Philips IntelliSpace Portal 7.0.x and 8.0.x.
Can CVE-2018-5472 lead to remote code execution?
Yes, CVE-2018-5472 may allow an attacker to execute arbitrary code due to the insecure Windows permissions.
What types of attacks can be facilitated by CVE-2018-5472?
CVE-2018-5472 can facilitate unauthorized access and potentially privilege escalation attacks on the system.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- vendor/philips
- canonical/philips intellispace portal
- version/philips intellispace portal/8.0
- version/philips intellispace portal/9.0