Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2021-33018
PUBLISHED
More InfoOfficial Page
Assigner-icscert
Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
View Known Exploited Vulnerability (KEV) details
Published At-01 Apr, 2022 | 22:17
Updated At-16 Apr, 2025 | 17:58
Rejected At-
▼CVE Numbering Authority (CNA)
Philips Vue PACS Use of a Broken or Risky Cryptographic Algorithm

The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and prior is an unnecessary risk that may result in the exposure of sensitive information.

Affected Products
Vendor
PhilipsPhilips
Product
Vue PACS
Versions
Affected
  • From unspecified through 12.2.x.x (custom)
Vendor
PhilipsPhilips
Product
Vue MyVue
Versions
Affected
  • From unspecified through 12.2.x.x (custom)
Vendor
PhilipsPhilips
Product
Vue Speech
Versions
Affected
  • From unspecified through 12.2.x.x (custom)
Vendor
PhilipsPhilips
Product
Vue Motion
Versions
Affected
  • From unspecified through 12.2.1.5 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-327CWE-327: Use of a Broken or Risky Cryptographic Algorithm
Type: CWE
CWE ID: CWE-327
Description: CWE-327: Use of a Broken or Risky Cryptographic Algorithm
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Philips has released the following plans to address these vulnerabilities: Philips recommends configuring the Vue PACS environment per D000763414 – Vue_PACS_12_Ports_Protocols_Services_Guide available on Incenter. Philips will release Version 15 in Q1 / 2022 for Speech to remediate this issue and recommends contacting support. Philips will release Version 15 in Q1 / 2022 for PACS to remediate this issue and recommends contacting support. Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact a Philips Sales representative or submit a quote request in the eService portal at: Login - eService (philips.com) The Philips advisory is available. Please see the Philips product security website for the latest security information for Philips products.

Configurations
Workarounds
Exploits
Credits
Philips reported these vulnerabilities to CISA.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01
x_refsource_CONFIRM
http://www.philips.com/productsecurity
x_refsource_CONFIRM
Hyperlink: https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.philips.com/productsecurity
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01
x_refsource_CONFIRM
x_transferred
http://www.philips.com/productsecurity
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.philips.com/productsecurity
Resource:
x_refsource_CONFIRM
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found