CVE-2018-10601

CWE-121: STACK-BASED BUFFER OVERFLOW
The vulnerability exposes an “echo” service, in which an attacker-sent buffer to an attacker-chosen device address within the same subnet is copied to the stack with no boundary checks, hence resulting in stack overflow.

Risk Information

  • CVE ID
  • CVE-2018-10601
  • Vendor
  • Philips
  • Product
  • IntelliVue, Avalon
  • CVSS v3
  • 8.2