Details of VAR-201806-0571

ID

VAR-201806-0571

CVE

CVE-2018-10601

TITLE

Philips IntelliVue Patient and Avalon Fetal Monitors Buffer Overflow Vulnerability

Trust: 0.8

sources: IVD: e2f48fa1-39ab-11e9-aaee-000c29342cb1 // CNVD: CNVD-2018-11994

DESCRIPTION

IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that exposes an "echo" service, in which an attacker-sent buffer to an attacker-chosen device address within the same subnet is copied to the stack with no boundary checks, hence resulting in stack overflow. plural Philips The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Philips IntelliVuePatientMonitorsMP2 and so on are all products of the Dutch company Philips. The Philips IntelliVuePatientMonitors MP2 is an MP series patient monitor device. The AvalonFetal/MaternalMonitorsFM20 is a maternal and child monitor device. A buffer overflow vulnerability exists in PhilipsIntelliVuePatientandAvalonFetalMonitors. An attacker could exploit the vulnerability to read memory from its selected device address (within the same subnet). The following products and versions are affected: Philips IntelliVue Patient Monitors MP2/X2/MP30/MP50/MP70/NP90/MX700/800 Rev. B to Rev. M; IntelliVue Patient Monitors MX400-550 Rev. J to Rev. M; X3/ MX100 M revision; Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 using F.0, G.0 and J.3 software revisions

Trust: 2.43

sources: NVD: CVE-2018-10601 // JVNDB: JVNDB-2018-006288 // CNVD: CNVD-2018-11994 // IVD: e2f48fa1-39ab-11e9-aaee-000c29342cb1 // VULHUB: VHN-120377

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: e2f48fa1-39ab-11e9-aaee-000c29342cb1 // CNVD: CNVD-2018-11994

AFFECTED PRODUCTS

vendor:	philips	model:	avalon fetal\/maternal monitors fm20	scope:	eq	version:	-	Trust: 1.6
vendor:	philips	model:	avalon fetal\/maternal monitors fm40	scope:	eq	version:	-	Trust: 1.6
vendor:	philips	model:	avalon fetal\/maternal monitors fm30	scope:	eq	version:	-	Trust: 1.6
vendor:	philips	model:	avalon fetal\/maternal monitors fm50	scope:	eq	version:	-	Trust: 1.6
vendor:	philips	model:	intellivue mx450	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue mp30	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue mp50	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue x2	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue mx550	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue mx800	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue mp2	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue mx700	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue mp70	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue mx500	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue x3	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue mx400	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue np90	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	intellivue mx100	scope:	eq	version:	-	Trust: 1.0
vendor:	philips	model:	avalon fetal/maternal monitors fm20	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	avalon fetal/maternal monitors fm30	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	avalon fetal/maternal monitors fm40	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	avalon fetal/maternal monitors fm50	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors mp2	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors mp30	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors mp50	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors mp70	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors mx100	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors mx400	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors mx450	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors mx500	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors mx550	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors mx700	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors mx800	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors np90	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors x2	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	intellivue patient monitors x3	scope:	-	version:	-	Trust: 0.8
vendor:	philips	model:	avalon fetal/maternal monitors fm20/fm30/fm40/fm50 f.0	scope:	-	version:	-	Trust: 0.6
vendor:	philips	model:	avalon fetal/maternal monitors fm20/fm30/fm40/fm50 g.0	scope:	-	version:	-	Trust: 0.6
vendor:	philips	model:	avalon fetal/maternal monitors fm20/fm30/fm40/fm50 j.3	scope:	-	version:	-	Trust: 0.6
vendor:	philips	model:	intellivue patient monitors mx550	scope:	eq	version:	-	Trust: 0.6
vendor:	philips	model:	intellivue patient monitors mx400	scope:	eq	version:	-	Trust: 0.6
vendor:	philips	model:	intellivue patient monitors x3	scope:	eq	version:	-	Trust: 0.6
vendor:	philips	model:	intellivue patient monitors mx500	scope:	eq	version:	-	Trust: 0.6
vendor:	philips	model:	intellivue patient monitors mx100	scope:	eq	version:	-	Trust: 0.6
vendor:	philips	model:	intellivue patient monitors mx450	scope:	eq	version:	-	Trust: 0.6
vendor:	intellivue patient monitors mp2	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors mx450	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors mx500	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors mx550	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors x3	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors mx100	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	avalon fetal maternal monitors fm20	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	avalon fetal maternal monitors fm30	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	avalon fetal maternal monitors fm40	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	avalon fetal maternal monitors fm50	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors x2	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors mp30	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors mp50	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors mp70	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors np90	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors mx700	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors mx800	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	intellivue patient monitors mx400	model:	-	scope:	eq	version:	-	Trust: 0.2

sources: IVD: e2f48fa1-39ab-11e9-aaee-000c29342cb1 // CNVD: CNVD-2018-11994 // JVNDB: JVNDB-2018-006288 // CNNVD: CNNVD-201806-303 // NVD: CVE-2018-10601

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-10601
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-10601
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-11994
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201806-303
value:	HIGH
Trust: 0.6
IVD:	e2f48fa1-39ab-11e9-aaee-000c29342cb1
value:	HIGH
Trust: 0.2
VULHUB:	VHN-120377
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-10601
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-11994
severity:	HIGH
baseScore:	8.0
vectorString:	AV:A/AC:L/AU:N/C:C/I:P/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	9.5
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2f48fa1-39ab-11e9-aaee-000c29342cb1
severity:	HIGH
baseScore:	8.0
vectorString:	AV:A/AC:L/AU:N/C:C/I:P/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	9.5
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-120377
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	5.5
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-10601
baseSeverity:	HIGH
baseScore:	8.2
vectorString:	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:H
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	1.6
impactScore:	6.0
version:	3.1
Trust: 1.0
NVD:	CVE-2018-10601
baseSeverity:	HIGH
baseScore:	8.2
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: IVD: e2f48fa1-39ab-11e9-aaee-000c29342cb1 // CNVD: CNVD-2018-11994 // VULHUB: VHN-120377 // JVNDB: JVNDB-2018-006288 // CNNVD: CNNVD-201806-303 // NVD: CVE-2018-10601

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.1
problemtype:	CWE-121	Trust: 1.0
problemtype:	CWE-119	Trust: 0.9

sources: VULHUB: VHN-120377 // JVNDB: JVNDB-2018-006288 // NVD: CVE-2018-10601

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201806-303

TYPE

Buffer error

Trust: 0.8

sources: IVD: e2f48fa1-39ab-11e9-aaee-000c29342cb1 // CNNVD: CNNVD-201806-303

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-006288

PATCH

title:	Top Page	url:	https://www.usa.philips.com/healthcare	Trust: 0.8
title:	Patch for Philips IntelliVuePatientandAvalonFetalMonitors Buffer Overflow Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/132733	Trust: 0.6

sources: CNVD: CNVD-2018-11994 // JVNDB: JVNDB-2018-006288

EXTERNAL IDS

db:	NVD	id:	CVE-2018-10601	Trust: 3.3
db:	ICS CERT	id:	ICSMA-18-156-01	Trust: 3.1
db:	CNNVD	id:	CNNVD-201806-303	Trust: 0.9
db:	CNVD	id:	CNVD-2018-11994	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-006288	Trust: 0.8
db:	IVD	id:	E2F48FA1-39AB-11E9-AAEE-000C29342CB1	Trust: 0.2
db:	VULHUB	id:	VHN-120377	Trust: 0.1

sources: IVD: e2f48fa1-39ab-11e9-aaee-000c29342cb1 // CNVD: CNVD-2018-11994 // VULHUB: VHN-120377 // JVNDB: JVNDB-2018-006288 // CNNVD: CNNVD-201806-303 // NVD: CVE-2018-10601

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsma-18-156-01	Trust: 3.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10601	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-10601	Trust: 0.8

sources: CNVD: CNVD-2018-11994 // VULHUB: VHN-120377 // JVNDB: JVNDB-2018-006288 // CNNVD: CNNVD-201806-303 // NVD: CVE-2018-10601

SOURCES

db:	IVD	id:	e2f48fa1-39ab-11e9-aaee-000c29342cb1
db:	CNVD	id:	CNVD-2018-11994
db:	VULHUB	id:	VHN-120377
db:	JVNDB	id:	JVNDB-2018-006288
db:	CNNVD	id:	CNNVD-201806-303
db:	NVD	id:	CVE-2018-10601

LAST UPDATE DATE

2024-11-23T22:55:52.328000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-11994	date:	2018-06-25T00:00:00
db:	VULHUB	id:	VHN-120377	date:	2020-09-04T00:00:00
db:	JVNDB	id:	JVNDB-2018-006288	date:	2018-08-15T00:00:00
db:	CNNVD	id:	CNNVD-201806-303	date:	2020-09-07T00:00:00
db:	NVD	id:	CVE-2018-10601	date:	2024-11-21T03:41:38.507

SOURCES RELEASE DATE

db:	IVD	id:	e2f48fa1-39ab-11e9-aaee-000c29342cb1	date:	2018-06-25T00:00:00
db:	CNVD	id:	CNVD-2018-11994	date:	2018-06-25T00:00:00
db:	VULHUB	id:	VHN-120377	date:	2018-06-05T00:00:00
db:	JVNDB	id:	JVNDB-2018-006288	date:	2018-08-15T00:00:00
db:	CNNVD	id:	CNNVD-201806-303	date:	2018-06-06T00:00:00
db:	NVD	id:	CVE-2018-10601	date:	2018-06-05T20:29:00.903