CVE-2018-8853 : Philips Brilliance CT devices operate user functions from within a contained kio

Philips Brilliance CT devices operate user functions from within a contained kiosk in a Microsoft Windows operating system. Windows boots by default with elevated Windows privileges, enabling a kiosk application, user, or an attacker to potentially attain unauthorized elevated privileges in Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior. Also, attackers may gain access to unauthorized resources from the underlying Windows operating system.

Published 2018-05-04 17:29:00

Updated 2019-10-09 23:42:57

Source ICS-CERT

View at NVD, CVE.org

Products affected by CVE-2018-8853

Philips » Brilliance Firmware 64
Versions up to, including, (<=) 2.6.2
cpe:2.3:o:philips:brilliance_firmware_64:*:*:*:*:*:*:*:*
Matching versions
When used together with: Philips » Brilliance 64 » Version: N/A
Philips » Brilliance Ict Sp Firmware
Versions up to, including, (<=) 3.2.4
cpe:2.3:o:philips:brilliance_ict_sp_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Philips » Brilliance Ict Sp » Version: N/A
Philips » Brilliance Ict Firmware
Versions up to, including, (<=) 4.1.6
cpe:2.3:o:philips:brilliance_ict_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Philips » Brilliance Ict » Version: N/A
Philips » Brilliance Ct Big Bore Firmware
Versions up to, including, (<=) 2.3.5
cpe:2.3:o:philips:_brilliance_ct_big_bore_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Philips » Brilliance Ct Big Bore » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2018-8853

EPSS FAQ

0.11%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 26 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2018-8853

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
8.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H	2.0	6.0	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2018-8853

CWE-250 Execution with Unnecessary Privileges

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

Assigned by: ics-cert@hq.dhs.gov (Secondary)
CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-8853

https://www.usa.philips.com/healthcare/about/customer-support/product-security

Product Security | Philips
Vendor Advisory

CVEs referencing this url
https://ics-cert.us-cert.gov/advisories/ICSMA-18-123-01

Philips Brilliance Computed Tomography (CT) System | CISA
Third Party Advisory;US Government Resource

CVEs referencing this url
http://www.securityfocus.com/bid/104088

Philips Brilliance Computed Tomography Systems Multiple Local Security Vulnerabilities
Third Party Advisory;VDB Entry

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2018-8853

Products affected by CVE-2018-8853

Exploit prediction scoring system (EPSS) score for CVE-2018-8853

CVSS scores for CVE-2018-8853

CWE ids for CVE-2018-8853

References for CVE-2018-8853