Philips Vue PACS versions 12.2.x.x and prior does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities.
Advisories
Source ID Title
EUVD EUVD EUVD-2021-14255 Philips Vue PACS versions 12.2.x.x and prior does not follow certain coding rules for development, which can lead to resultant weaknesses or increase the severity of the associated vulnerabilities.
Fixes

Solution

Philips has released the following plans to address these vulnerabilities: Philips recommends configuring the Vue PACS environment per D000763414 – Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter. Philips will release Version 15 in Q1 / 2022 for Speech to remediate this issue and recommends contacting support. Philips will release Version 15 in Q1 / 2022 for MyVue to remediate this issue and recommends contacting support. Philips will release Version 15 in Q1 / 2022 for PACS to remediate this issue and recommends contacting support. Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com) The Philips advisory is available. Please see the Philips product security website for the latest security information for Philips products.


Workaround

No workaround given by the vendor.

History

Wed, 16 Apr 2025 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2025-04-16T17:58:18.257Z

Reserved: 2021-02-19T00:00:00.000Z

Link: CVE-2021-27501

cve-icon Vulnrichment

Updated: 2024-08-03T21:26:09.146Z

cve-icon NVD

Status : Modified

Published: 2022-04-01T23:15:09.317

Modified: 2024-11-21T05:58:07.067

Link: CVE-2021-27501

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.