CVE-2021-32993 HIGH

CVE-2021-32993: Philips IntelliBridge EC 40 and EC 80 Hub Use of Hard-coded Credentials

Vendor Philips
Product IntelliBridge EC 40 Hub
Weakness CWE-798 · Hardcoded credentials
Published December 27, 2021
Last update September 17, 2024

CVSS base score

8.1/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a password or a cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

Key dates

02Disclosure timeline

December 27, 2021 CVE published
September 17, 2024 Record updated