High severity8.8NVD Advisory· Published Sep 26, 2018· Updated Jun 17, 2026
CVE-2018-8852
CVE-2018-8852
Description
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. When authenticating a user or otherwise establishing a new user session, the software gives an attacker the opportunity to steal authenticated sessions without invalidating any existing session identifier.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=R2.1
- Philips/e-Alert Unit (non-medical device)v5Range: R2.1 and prior
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/105194nvdThird Party AdvisoryVDB Entry
- ics-cert.us-cert.gov/advisories/ICSA-18-242-01nvdMitigationThird Party AdvisoryUS Government Resource
- www.usa.philips.com/healthcare/about/customer-support/product-securitynvdVendor Advisory
News mentions
0No linked articles in our index yet.