Philips Xper-IM Connect Software updates

Number: AV16-114
Date: 15 July 2016

Purpose

The purpose of this advisory is to bring attention to a software update for the Xper-IM Connect system by Philips.

Assessment

Philips released a software update for the Xper-IM Connect system to address multiple vulnerabilities (critical to high).  Successful exploitation of these vulnerabilities may allow a remote attacker to compromise CompromiseThe intentional or unintentional disclosure of information, which adversely impacts its confidentiality, integrity, or availability. the Xper-IM Connect system.  These vulnerabilities may include, but are not limited to, arbitrary code execution, code injection Code injectionIntroducing malicious code into a computer program by taking advantage of a flaw in the program, or in the way it interprets data input by users. and information disclosure.

Affected versions:

Xper-IM Connect systems on Windows XP versions 1.5.12 and prior

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.  For more information, please refer to the ICS-CERT reference.

References:

https://ics-cert.us-cert.gov/advisories/ICSMA-16-196-01

Date modified: