Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-40704

The product does not require unique and complex passwords to be created during installation. Using Philips's default password could jeopardize the PACS system if the password was hacked or leaked. An attacker could gain access to the database impacting system availability and data integrity.

Published

2024-07-18T17:15:03.897

Last Modified

2025-04-09T21:16:24.990

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-1392
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	philips	vue_pacs	< 12.2.8.410	Yes

References

http://www.philips.com/productsecurity Product ([email protected])
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01 Third Party Advisory, US Government Resource ([email protected])
http://www.philips.com/productsecurity Product (af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)