cbcvebase.
CVE-2018-5470
published 2018-03-26

CVE-2018-5470: Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or element vulnerability that has been identified, which may allow an…

PriorityP339high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
EPSS
0.57%
42.7th percentile
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or element vulnerability that has been identified, which may allow an authorized local user to execute arbitrary code and escalate their level of privileges.

Affected

4 ranges
VendorProductVersion rangeFixed in
philipsintellispace_portal
philipsintellispace_portal
philipsphilips_intellispace_portal
philipsphilips_intellispace_portal

CVSS provenance

nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.