PHP Vulnerability (CVE-2024-4577)
Canon Medical Systems Security Advisory
Overview:
It was announced that there is security vulnerability that affects PHP provided by The PHP Group. PHP is an open source general-purpose programming language and its processing system developed by The PHP Group, and is used for web server functions. PHP has an OS command injection vulnerability (CVE-2024-4577) that could allow an attacker to execute arbitrary code if exploited.
REF: https://nvd.nist.gov/vuln/detail/CVE-2024-4577
Vulnerability Overview:
CVSS score (v3.1) is 9.8 (CRITICAL).
Affected versions are
- PHP versions 8.1.* before 8.1.29
- PHP versions 8.2.* before 8.2.20
- PHP versions 8.3.* before 8.3.8
Possible Affected Canon Medical Systems Products:
There are no Medical Imaging Products which are using PHP at this time.
Resolution:
None
Due to medical device regulatory reasons, not all products/service displayed on this Canon Medical Systems global webpage are available in all countries, regions or markets. Future availability of the products/service cannot also be guaranteed. Please contact your local Canon Medical Systems representative for further details.
