Superuser Password Vulnerability in Philips PageWriter Cardiographs

Superuser Password Vulnerability in Philips PageWriter Cardiographs

CVE-2018-14801 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, an attacker with both the superuser password and physical access can enter the superuser password that can be used to access and modify all settings on the device, as well as allow the user to reset existing passwords.

Learn more about our Physical Security Assessment.