Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-6963

Summary
Assigner-icscert
Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At-24 Jan, 2020 | 16:31
Updated At-04 Aug, 2024 | 09:18
Rejected At-
Credits

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilized hard coded SMB credentials, which may allow an attacker to remotely execute arbitrary code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:icscert
Assigner Org ID:7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At:24 Jan, 2020 | 16:31
Updated At:04 Aug, 2024 | 09:18
Rejected At:
▼CVE Numbering Authority (CNA)

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilized hard coded SMB credentials, which may allow an attacker to remotely execute arbitrary code.

Affected Products
Vendor
n/a
Product
GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors
Versions
Affected
  • ApexPro Telemetry Server,v4.2 & prior,CARESCAPE Telemetry Server, v4.2 & prior,Clinical Information Center,v4.X& 5.X,CARESCAPE Telemetry Server,v4.3,CARESCAPE Central Station,v1.X,CARESCAPE Central Station,v2.X,B450,v2.X,B650,v1.X,B650,v2.X,B850,v1.X,B850,v2.X
Problem Types
TypeCWE IDDescription
CWECWE-798USE OF HARD-CODED CREDENTIALS CWE-798
Type: CWE
CWE ID: CWE-798
Description: USE OF HARD-CODED CREDENTIALS CWE-798
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.us-cert.gov/ics/advisories/icsma-20-023-01
x_refsource_MISC
Hyperlink: https://www.us-cert.gov/ics/advisories/icsma-20-023-01
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.us-cert.gov/ics/advisories/icsma-20-023-01
x_refsource_MISC
x_transferred
Hyperlink: https://www.us-cert.gov/ics/advisories/icsma-20-023-01
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ics-cert@hq.dhs.gov
Published At:24 Jan, 2020 | 17:15
Updated At:17 Mar, 2020 | 17:21

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilized hard coded SMB credentials, which may allow an attacker to remotely execute arbitrary code.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.110.0CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 10.0
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
gehealthcare
gehealthcare
>>apexpro_telemetry_server>>-
cpe:2.3:h:gehealthcare:apexpro_telemetry_server:-:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>apexpro_telemetry_server_firmware>>Versions up to 4.2(inclusive)
cpe:2.3:o:gehealthcare:apexpro_telemetry_server_firmware:*:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>carescape_central_station_mai700>>-
cpe:2.3:h:gehealthcare:carescape_central_station_mai700:-:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>carescape_central_station_mai700_firmware>>1.0
cpe:2.3:o:gehealthcare:carescape_central_station_mai700_firmware:1.0:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>carescape_central_station_mas700>>-
cpe:2.3:h:gehealthcare:carescape_central_station_mas700:-:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>carescape_central_station_mas700_firmware>>1.0
cpe:2.3:o:gehealthcare:carescape_central_station_mas700_firmware:1.0:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>clinical_information_center_mp100d_firmware>>4.0
cpe:2.3:o:gehealthcare:clinical_information_center_mp100d_firmware:4.0:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>clinical_information_center_mp100d_firmware>>5.0
cpe:2.3:o:gehealthcare:clinical_information_center_mp100d_firmware:5.0:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>clinical_information_center_mp100d>>-
cpe:2.3:h:gehealthcare:clinical_information_center_mp100d:-:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>clinical_information_center_mp100r_firmware>>4.0
cpe:2.3:o:gehealthcare:clinical_information_center_mp100r_firmware:4.0:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>clinical_information_center_mp100r_firmware>>5.0
cpe:2.3:o:gehealthcare:clinical_information_center_mp100r_firmware:5.0:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>clinical_information_center_mp100r>>-
cpe:2.3:h:gehealthcare:clinical_information_center_mp100r:-:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>carescape_telemetry_server_mp100r_firmware>>Versions up to 4.2(inclusive)
cpe:2.3:o:gehealthcare:carescape_telemetry_server_mp100r_firmware:*:*:*:*:*:*:*:*
gehealthcare
gehealthcare
>>carescape_telemetry_server_mp100r>>-
cpe:2.3:h:gehealthcare:carescape_telemetry_server_mp100r:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE-798Primarynvd@nist.gov
CWE-798Secondaryics-cert@hq.dhs.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-798
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-798
Type: Secondary
Source: ics-cert@hq.dhs.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.us-cert.gov/ics/advisories/icsma-20-023-01ics-cert@hq.dhs.gov
Third Party Advisory
US Government Resource
https://www3.gehealthcare.com/~/media/downloads/us/support/site-planning/site-readiness/gehc-gateway_project_implementation_guide_pdf.pdfnvd@nist.gov
Product
Hyperlink: https://www.us-cert.gov/ics/advisories/icsma-20-023-01
Source: ics-cert@hq.dhs.gov
Resource:
Third Party Advisory
US Government Resource
Hyperlink: https://www3.gehealthcare.com/~/media/downloads/us/support/site-planning/site-readiness/gehc-gateway_project_implementation_guide_pdf.pdf
Source: nvd@nist.gov
Resource:
Product

Change History

0
Information is not available yet

Similar CVEs

598Records found
CVE-2020-6962
Matching Score-10
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-10
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-10||CRITICAL
EPSS-0.19% / 41.27%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 16:07
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSCS) Versions 1.X CARESCAPE Central Station (CSCS) Versions 2.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850 Version 2.X, an input validation vulnerability exists in the web-based system configuration utility that could allow an attacker to obtain arbitrary remote code execution.

Action-Not Available
Vendor-gehealthcaren/a
Product-carescape_central_station_mas700clinical_information_center_mp100dclinical_information_center_mp100d_firmwarecarescape_telemetry_server_mp100r_firmwarecarescape_b850_monitor_firmwarecarescape_telemetry_server_mp100rcarescape_central_station_mas700_firmwarecarescape_b450_monitorcarescape_b650_monitorapexpro_telemetry_server_firmwarecarescape_central_station_mai700_firmwarecarescape_central_station_mai700apexpro_telemetry_serverclinical_information_center_mp100rclinical_information_center_mp100r_firmwarecarescape_b450_monitor_firmwarecarescape_b650_monitor_firmwarecarescape_b850_monitorGE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center,CARESCAPE B450,B650,B850 Monitors
CWE ID-CWE-20
Improper Input Validation
CVE-2006-7253
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.43% / 61.83%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Infinia II has a default password of (1) infinia for the infinia user, (2) #bigguy1 for the acqservice user, (3) dont4get2 for the Administrator user, (4) #bigguy1 for the emergency user, and (5) 2Bfamous for the InfiniaAdmin user, which has unspecified impact and attack vectors.

Action-Not Available
Vendor-gehealthcaren/a
Product-infinia_iin/a
CVE-2012-6695
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.62% / 69.24%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of ddpadmin for the ddpadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-centricity_pacs_workstationn/a
CVE-2012-6693
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.62% / 69.24%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Centricity PACS 4.0 Server has a default password of (1) nasro for the nasro (ReadOnly) user and (2) nasrw for the nasrw (Read/Write) user, which has unspecified impact and attack vectors.

Action-Not Available
Vendor-gehealthcaren/a
Product-centricity_pacs_servern/a
CVE-2011-5322
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.42% / 61.00%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Centricity Analytics Server 1.1 has a default password of (1) V0yag3r for the SQL Server sa user, (2) G3car3s for the analyst user, (3) G3car3s for the ccg user, (4) V0yag3r for the viewer user, and (5) geservice for the geservice user in the Webmin interface, which has unspecified impact and attack vectors.

Action-Not Available
Vendor-gehealthcaren/a
Product-centricity_analytics_servern/a
CVE-2004-2777
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.42% / 61.00%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet2002 for the gemnet2002 account of the GEMNet license server, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-centricity_image_vault_firmwaren/a
CVE-2003-1603
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.61% / 68.94%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) "2" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors.

Action-Not Available
Vendor-gehealthcaren/a
Product-discovery_vhn/a
CVE-2010-5308
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.63% / 69.37%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. NOTE: this might not qualify for inclusion in CVE if unauthenticated emergency access is part of the intended security policy of the product, can be controlled by the system administrator, and is not enabled by default.

Action-Not Available
Vendor-gehealthcaren/a
Product-optima_mr360_firmwaren/a
CVE-2010-5306
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.61% / 81.01%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Optima CT680, CT540, CT640, and CT520 has a default password of #bigguy for the root user, which has unspecified impact and attack vectors.

Action-Not Available
Vendor-gehealthcaren/a
Product-optima_ct520_firmwareoptima_ct540_firmwareoptima_ct680_firmwaren/a
CVE-2002-2445
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.57% / 67.57%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password of (1) root.genie for the root user, (2) "service." for the service user, (3) admin.genie for the admin user, (4) reboot for the reboot user, and (5) shutdown for the shutdown user, which has unspecified impact and attack vectors.

Action-Not Available
Vendor-gehealthcaren/a
Product-millennium_mgmillennium_ncmillennium_myosightn/a
CVE-2002-2446
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.62% / 69.24%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which has unspecified impact and attack vectors.

Action-Not Available
Vendor-gehealthcaren/a
Product-millennium_mg_firmwaremillennium_nc_firmwaremillennium_myosight_firmwaren/a
CVE-2010-5310
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.57% / 67.57%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Acquisition Workstation for the GE Healthcare Revolution XQ/i has a password of adw3.1 for the sdc user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-revolution_xq\/in/a
CVE-2010-5307
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.57% / 67.57%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the admin account, and (3) adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-optima_mr360_firmwaren/a
CVE-2001-1594
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.57% / 67.57%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics printer FTP service, (4) eNTEGRA for the eNTEGRA P&R user account, (5) insite for the WinVNC Login, and possibly other accounts, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-entegra_p\&rn/a
CVE-2009-5143
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.57% / 67.57%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Discovery 530C has a password of #bigguy1 for the (1) acqservice user and (2) wsservice user of the Xeleris System, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-discovery_530c_firmwaren/a
CVE-2020-6961
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-10||CRITICAL
EPSS-0.19% / 40.55%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 16:07
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSCS) Versions 1.X, a vulnerability exists in the affected products that could allow an attacker to obtain access to the SSH private key in configuration files.

Action-Not Available
Vendor-gehealthcaren/a
Product-carescape_central_station_mai700_firmwarecarescape_central_station_mas700carescape_central_station_mai700clinical_information_center_mp100dapexpro_telemetry_serverclinical_information_center_mp100rclinical_information_center_mp100d_firmwareclinical_information_center_mp100r_firmwarecarescape_telemetry_server_mp100r_firmwarecarescape_telemetry_server_mp100rcarescape_central_station_mas700_firmwareapexpro_telemetry_server_firmwareGE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center,CARESCAPE B450,B650,B850 Monitors
CWE ID-CWE-256
Plaintext Storage of a Password
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-6966
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-10||CRITICAL
EPSS-0.16% / 37.77%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 17:07
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilize a weak encryption scheme for remote desktop control, which may allow an attacker to obtain remote code execution of devices on the network.

Action-Not Available
Vendor-gehealthcaren/a
Product-carescape_central_station_mai700_firmwarecarescape_central_station_mas700carescape_central_station_mai700clinical_information_center_mp100dapexpro_telemetry_serverclinical_information_center_mp100rclinical_information_center_mp100d_firmwareclinical_information_center_mp100r_firmwarecarescape_telemetry_server_mp100r_firmwarecarescape_telemetry_server_mp100rcarescape_central_station_mas700_firmwareapexpro_telemetry_server_firmwareGE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors
CWE ID-CWE-326
Inadequate Encryption Strength
CVE-2010-5309
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.57% / 67.57%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare CADStream Server has a default password of confirma for the admin user, which has unspecified impact and attack vectors.

Action-Not Available
Vendor-gehealthcaren/a
Product-cadstream_server_firmwaren/a
CVE-2014-9736
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.43% / 61.83%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Centricity Clinical Archive Audit Trail Repository has a default password of initinit for the (1) SSL key manager and (2) server keystore; (3) keystore_password for the server truststore; and atna for the (4) primary storage database and (5) archive storage database, which has unspecified impact and attack vectors.

Action-Not Available
Vendor-gehealthcaren/a
Product-centricity_clinical_archive_audit_trail_repositoryn/a
CVE-2014-7232
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.62% / 69.24%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Discovery XR656 and XR656 G2 has a password of (1) 2getin for the insite user, (2) 4$xray for the xruser user, and (3) #superxr for the root user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-discovery_xr656_g2discovery_xr656n/a
CVE-2014-7233
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.57% / 67.57%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Precision THUNIS-800+ has a default password of (1) 1973 for the factory default System Utilities menu, (2) TH8740 for installation using TH8740_122_Setup.exe, (3) hrml for "Setup and Activation" using DSASetup, and (4) an empty string for Shutter Configuration, which has unspecified impact and attack vectors. NOTE: since these passwords appear to be used to access functionality during installation, this issue might not cross privilege boundaries and might not be a vulnerability.

Action-Not Available
Vendor-gehealthcaren/a
Product-precision_thunis-800\+n/a
CVE-2013-7442
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.62% / 69.24%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of (1) CANal1 for the Administrator user and (2) iis for the IIS user, which has unspecified impact and attack vectors related to TimbuktuPro. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires it.

Action-Not Available
Vendor-gehealthcaren/a
Product-centricity_pacs_workstationn/a
CVE-2013-7405
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.43% / 61.83%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Ad Hoc Reporting feature in GE Healthcare Centricity DMS 4.2 has a password of Never!Mind for the Administrator user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-centricity_dmsn/a
CVE-2007-6757
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.61% / 81.01%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Centricity DMS 4.2, 4.1, and 4.0 has a password of Muse!Admin for the Museadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-centricity_dms_firmwaren/a
CVE-2012-6694
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.62% / 69.24%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1, and Server 4.0, has a password of 2charGE for the geservice account, which has unspecified impact and attack vectors related to TimbuktuPro. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires it.

Action-Not Available
Vendor-gehealthcaren/a
Product-centricity_pacs_servercentricity_pacs_workstationn/a
CVE-2012-6660
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.57% / 67.57%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-precision_mpin/a
CVE-2011-5324
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.57% / 67.57%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TeraRecon server, as used in GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions, has a password of (1) shared for the shared user and (2) scan for the scan user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-centricity_pacs-iwn/a
CVE-2011-5323
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.57% / 67.57%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions has a password of A11enda1e for the sa SQL server user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-centricity_pacs-iwn/a
CVE-2013-7404
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.57% / 67.57%
||
7 Day CHG~0.00%
Published-04 Aug, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GE Healthcare Discovery NM 750b has a password of 2getin for the insite account for (1) Telnet and (2) FTP, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Action-Not Available
Vendor-gehealthcaren/a
Product-discovery_nm_750bn/a
CVE-2024-27107
Matching Score-6
Assigner-GE Healthcare
ShareView Details
Matching Score-6
Assigner-GE Healthcare
CVSS Score-9.6||CRITICAL
EPSS-0.11% / 29.79%
||
7 Day CHG~0.00%
Published-14 May, 2024 | 17:05
Updated-02 Aug, 2024 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Weak account password in GE HealthCare EchoPAC products

Weak account password in GE HealthCare EchoPAC products

Action-Not Available
Vendor-GE HealthCaregehealthcare
Product-EchoPAC Software OnlyImageVaultEchoPAC Turnkeyechopac_softwareimage_vaultechopac_turnkey
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-6965
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.9||CRITICAL
EPSS-0.30% / 52.78%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 17:06
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850 Version 2.X, a vulnerability in the software update mechanism allows an authenticated attacker to upload arbitrary files on the system through a crafted update package.

Action-Not Available
Vendor-gehealthcaren/a
Product-carescape_central_station_mas700clinical_information_center_mp100dclinical_information_center_mp100d_firmwarecarescape_telemetry_server_mp100r_firmwarecarescape_b850_monitor_firmwarecarescape_telemetry_server_mp100rcarescape_central_station_mas700_firmwarecarescape_b450_monitorcarescape_b650_monitorapexpro_telemetry_server_firmwarecarescape_central_station_mai700_firmwarecarescape_central_station_mai700apexpro_telemetry_serverclinical_information_center_mp100rclinical_information_center_mp100r_firmwarecarescape_b450_monitor_firmwarecarescape_b650_monitor_firmwarecarescape_b850_monitorGE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8415
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.94% / 85.90%
||
7 Day CHG~0.00%
Published-02 Jul, 2019 | 20:13
Updated-05 Aug, 2024 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet daemon as a part of the busybox and retrieves the password from the shadow file using the function getspnam at address 0x00053894. Then performs a crypt operation on the password retrieved from the user at address 0x000538E0 and performs a strcmp at address 0x00053908 to check if the password is correct or incorrect. However, the /etc/shadow file is a part of CRAM-FS filesystem which means that the user cannot change the password and hence a hardcoded hash in /etc/shadow is used to match the credentials provided by the user. This is a salted hash of the string "admin" and hence it acts as a password to the device which cannot be changed as the whole filesystem is read only.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dcs-1100dcs-1130dcs-1100_firmwaredcs-1130_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2017-8954
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8771
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.35% / 56.90%
||
7 Day CHG~0.00%
Published-20 Sep, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root"). The attacker can make a user that is connected to the repeater click on a malicious link that will log into the telnet and will infect the device with malicious code.

Action-Not Available
Vendor-twszn/a
Product-wifi_repeaterwifi_repeater_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2017-8975
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-53.98% / 97.92%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 01:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-moonshot_provisioning_manager_applianceMoonshot Provisioning Manager Appliance
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8981
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-17.05% / 94.73%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8772
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.28% / 51.34%
||
7 Day CHG~0.00%
Published-20 Sep, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default) with default credentials as root (username:"root" password:"root") and can: 1. Read the entire file system; 2. Write to the file system; or 3. Execute any code that attacker desires (malicious or not).

Action-Not Available
Vendor-twszn/a
Product-wifi_repeaterwifi_repeater_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2017-8956
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-13.73% / 94.01%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 02:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2011-1966
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-10||HIGH
EPSS-65.82% / 98.44%
||
7 Day CHG~0.00%
Published-10 Aug, 2011 | 21:16
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_server_2008n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-7589
Matching Score-4
Assigner-Johnson Controls
ShareView Details
Matching Score-4
Assigner-Johnson Controls
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.00%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:32
Updated-04 Aug, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kantech EntraPass Improper Input Validation

A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges. This affects Johnson Controls' Kantech EntraPass Corporate Edition versions 8.0 and prior; Kantech EntraPass Global Edition versions 8.0 and prior.

Action-Not Available
Vendor-johnsoncontrolsJohnson Controls
Product-entrapassKantech EntraPass Global EditionKantech EntraPass Corporate Edition
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8224
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-11.91% / 93.48%
||
7 Day CHG~0.00%
Published-25 Apr, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account that can be accessed with TELNET.

Action-Not Available
Vendor-wificamn/a
Product-wireless_ip_camera_\(p2p\)wireless_ip_camera_\(p2p\)_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2013-6032
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-10||HIGH
EPSS-0.83% / 73.59%
||
7 Day CHG~0.00%
Published-04 Feb, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142, X85x through LC4.BE.P487, X644 and X646 before LC2.MC.P374, X642 through LC2.MB.P318, W840 through LS.HA.P252, T64x before LS.ST.P344, X64xef through LC2.TI.P325, C935dn through LC.JO.P091, C920 through LS.TA.P152, C78x through LC.IO.P187, X78x through LC2.IO.P335, C77x through LC.CM.P052, X772 through LC2.TR.P291, C53x through LS.SW.P069, C52x through LS.FA.P150, 25xxN through LCL.CU.P114, N4000 through LC.MD.P119, N4050e through GO.GO.N206, N70xxe through LC.CO.N309, E450 through LM.SZ.P124, E350 through LE.PH.P129, and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter.

Action-Not Available
Vendor-n/aLexmark International, Inc.
Product-c920x772t64xn4050ee250x64xefx85xe450n400025xxnc53xc77xx78xx642x94xe350c78xn70xxew840x646c52xx644c935dnn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8390
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-14.22% / 94.12%
||
7 Day CHG~0.00%
Published-02 Aug, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DNS Proxy in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attackers to execute arbitrary code via a crafted domain name.

Action-Not Available
Vendor-n/aPalo Alto Networks, Inc.
Product-pan-osn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2022-25521
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.35% / 56.49%
||
7 Day CHG~0.00%
Published-29 Mar, 2022 | 00:00
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NUUO v03.11.00 was discovered to contain access control issue.

Action-Not Available
Vendor-n/aNUUO Inc.
Product-network_video_recorder_firmwaren/a
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2017-6667
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-3.35% / 86.80%
||
7 Day CHG~0.00%
Published-13 Jun, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the update process for the dynamic JAR file of the Cisco Context Service software development kit (SDK) could allow an unauthenticated, remote attacker to execute arbitrary code on the affected device with the privileges of the web server. More Information: CSCvb66730. Known Affected Releases: 2.0.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-context_service_development_kitCisco Context Service SDK
CWE ID-CWE-20
Improper Input Validation
CVE-2017-3881
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-94.08% / 99.89%
||
7 Day CHG~0.00%
Published-17 Mar, 2017 | 22:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-catalyst_3750x-48pf-lcatalyst_3560-8pccatalyst_2960-24lt-lenhanced_layer_2\/3_etherswitch_service_modulecatalyst_4500_supervisor_engine_6l-ecatalyst_2960c-8tc-lie-4000-8t4g-e_industrial_ethernet_switchie_2000-16t67_industrial_ethernet_switchcatalyst_2960-plus_24lc-lcatalyst_3560-48tsie-3010-24tc_industrial_ethernet_switchcatalyst_3750x-24u-scatalyst_2960-plus_48pst-lcatalyst_2960s-f48fps-lcatalyst_2960xr-24td-lcatalyst_3560e-48pd-sfcatalyst_4948e_ethernet_switchcatalyst_3750x-48p-ecatalyst_2960s-48lpd-lcatalyst_4000_supervisor_engine_vcatalyst_3750_metro_24-dccatalyst_3560v2-24psembedded_service_2020_24tc_ncp_bcatalyst_3560x-24u-lie_2000-4t-g_industrial_ethernet_switchcatalyst_3560-24pscatalyst_3560cx-8pt-scatalyst_3560x-24u-ecatalyst_3750e-24pd-ecatalyst_3750v2-24psie_2000-8tc-g_industrial_ethernet_switchcatalyst_3550_48_smicatalyst_2960l-24ps-llcatalyst_3750e-24td-ecatalyst_3560e-48pd-efcatalyst_2960xr-48ts-lcatalyst_3750e-48pd-ecatalyst_2960xr-48fpd-icatalyst_2960xr-48td-lie_2000-16ptc-g_industrial_ethernet_switchie-4000-8gt8gp4g-e_industrial_ethernet_switchcatalyst_3560cpd-8pt-scatalyst_3750x-48t-scatalyst_2960xr-24td-icatalyst_3560cg-8pc-scatalyst_blade_switch_3020ie_2000-4ts_industrial_ethernet_switchcatalyst_2960cx-8tc-lcatalyst_2918-48tt-ccatalyst_2960c-8pc-lcatalyst_3560x-48p-scatalyst_3560e-12sd-scatalyst_2960s-f48lps-lcatalyst_4948e-f_ethernet_switchcatalyst_2960x-48fpd-lcatalyst_2960-48tc-lcatalyst_3560v2-24dccatalyst_3750x-24t-ecatalyst_3750e-48pd-efcatalyst_3750x-24t-scatalyst_3560cx-8pc-scatalyst_2960-8tc-lcatalyst_3560x-48t-ecatalyst_3560x-24t-lie-4000-8gs4g-e_industrial_ethernet_switchcatalyst_2960xr-24pd-lcatalyst_2960c-8tc-scatalyst_2960s-48ts-sie_2000-16tc-g-e_industrial_ethernet_switchcatalyst_3560e-48td-ecatalyst_2960xr-48lpd-iembedded_service_2020_ncp_bcatalyst_3550_24_emicatalyst_2960xr-48fpd-lcatalyst_c2928-24lt-ccatalyst_2960-plus_48tc-lcatalyst_2960-48pst-scatalyst_3750e-24pd-scatalyst_2350-48td-sdcatalyst_4500_supervisor_engine_ii-pluscatalyst_2960s-f24ps-lme_4924-10gecatalyst_2970g-24tcatalyst_blade_switch_3040catalyst_blade_switch_3030catalyst_2960-24tc-lcatalyst_2960x-48td-lcatalyst_2960-48tt-scatalyst_3750x-24p-ecatalyst_2960x-24pd-lcatalyst_3560e-24pd-scatalyst_3560g-24pscatalyst_2960xr-24ts-icatalyst_3750x-12s-ecatalyst_2960l-16ps-llcatalyst_3750x-24p-scatalyst_2960s-f24ts-lcatalyst_3750-24tscatalyst_3750x-48u-scatalyst_3750x-48p-scatalyst_3750x-24s-scatalyst_blade_switch_3120catalyst_2960-24tc-scatalyst_2960-plus_24pc-lcatalyst_4948catalyst_2960-plus_48pst-scatalyst_blade_switch_3032catalyst_3750x-48p-lcatalyst_3750v2-24tsios_xeie_2000-16tc-g-x_industrial_ethernet_switchcatalyst_4500_supervisor_engine_ii-plus-tscatalyst_3560x-24t-scatalyst_2960xr-48fps-lcatalyst_3750x-12s-scatalyst_2960s-f24ts-ssm-x_layer_2\/3_etherswitch_service_modulecatalyst_2960s-f48ts-lcatalyst_3560c-8pc-scatalyst_2960-48pst-lcatalyst_2960s-24ts-scatalyst_2918-24tc-ccatalyst_3560x-48p-ecatalyst_2350-48td-scatalyst_3560c-12pc-scatalyst_3560g-48psie_2000-4t_industrial_ethernet_switchcatalyst_switch_module_3012catalyst_3750e-48pd-sfie-4000-16t4g-e_industrial_ethernet_switchcatalyst_4500_supervisor_engine_vcatalyst_4000_supervisor_engine_icatalyst_3750e-48td-ecatalyst_2960c-12pc-lcatalyst_2960-24pc-scatalyst_2960x-48fps-lcatalyst_3560x-24p-scatalyst_2960s-24ts-lcatalyst_2960-plus_24tc-lembedded_service_2020_24tc_con_bcatalyst_2928-24tc-ccatalyst_4500_supervisor_engine_v-10gecatalyst_3750g-12s-sdcatalyst_3750-48tscatalyst_3750x-24t-lcatalyst_3560x-48pf-sie_2000-4ts-g_industrial_ethernet_switchcatalyst_3750v2-48pscatalyst_3560x-48pf-ecatalyst_2960x-24ps-lcatalyst_2918-24tt-ccatalyst_3560x-48pf-lcatalyst_2960s-f48ts-sie_3000-8tc_industrial_ethernet_switchcatalyst_3560v2-24tscatalyst_blade_switch_3130embedded_service_2020_ncpcatalyst_2960g-24tc-lcatalyst_2960x-24ts-llcatalyst_3750v2-48tscatalyst_4500e_supervisor_engine_8-ecatalyst_2960x-24ts-lcatalyst_2960s-48ts-lcatalyst_2960l-48ts-llcatalyst_3750e-24td-scatalyst_2960s-48td-lcatalyst_3560x-48t-scatalyst_2960-48tc-scatalyst_3750e-48pd-scatalyst_2960g-8tc-lcatalyst_3750x-48t-lcatalyst_4928_10_gigabit_ethernet_switchcatalyst_2960s-48fps-lie_3000-4tc_industrial_ethernet_switchcatalyst_3560e-48td-scatalyst_3560cx-8tc-scatalyst_3750g-16tdcatalyst_3550_24_fx_smicatalyst_3560-48pscatalyst_3750x-24u-lcatalyst_2960-plus_24tc-scatalyst_3560cx-12pc-scatalyst_2960-24-scatalyst_2960-48tt-lie-4010-16s12p_industrial_ethernet_switchie_2000-24t67_industrial_ethernet_switchcatalyst_3560e-48pd-scatalyst_3750-24pscatalyst_3560cx-12tc-scatalyst_2960xr-48fps-icatalyst_3560e-24td-ecatalyst_2960x-48ts-llcatalyst_4500_supervisor_ii-plus-10geie_2000-16tc_industrial_ethernet_switchcatalyst_3750g-24tscatalyst_2960s-48lps-lie-5000-12s12p-10g_industrial_ethernet_switchembedded_service_2020_24tc_ncpcatalyst_3560v2-48tscatalyst_3560x-48u-lcatalyst_3560x-24p-lembedded_service_2020_24tc_concatalyst_2960-24tt-lcatalyst_2960s-48fpd-lcatalyst_2960x-48lpd-lie-4000-8gt4g-e_industrial_ethernet_switchcatalyst_switch_module_3110catalyst_2960xr-24pd-iie-5000-16s12p_industrial_ethernet_switchcatalyst_3560-12pc-scatalyst_2960-plus_24lc-scatalyst_3750_metro_24-accatalyst_3750g-48pscatalyst_2960s-24ps-lcatalyst_2960xr-48lps-icatalyst_3550_24_dc_smicatalyst_2960cpd-8pt-lcatalyst_2960-24pc-lcatalyst_2960pd-8tt-lie-4000-4gc4gp4g-e_industrial_ethernet_switchie-4000-8s4g-e_industrial_ethernet_switchcatalyst_3560x-48u-ecatalyst_3560v2-48pscatalyst_blade_switch_3120xie-4010-4s24p_industrial_ethernet_switchcatalyst_2975catalyst_2960l-24ts-llie-4000-4s8p4g-e_industrial_ethernet_switchcatalyst_2960-plus_24pc-scatalyst_2960s-24pd-lcatalyst_3560cg-8tc-scatalyst_3550_24_smiie_2000-8tc-g-e_industrial_ethernet_switchcatalyst_2960-8tc-scatalyst_3750v2-24fscatalyst_4948_10_gigabit_ethernet_switchie_2000-8t67_industrial_ethernet_switchie_2000-8tc-g-n_industrial_ethernet_switchcatalyst_2960s-24td-lcatalyst_c2928-48tc-ccatalyst_2960xr-24ps-icatalyst_2960x-24psq-lie-4000-4gs8gp4g-e_industrial_ethernet_switchie-4000-16gt4g-e_industrial_ethernet_switchcatalyst_2960cg-8tc-lcatalyst_4500_supervisor_engine_ivcatalyst_3560x-24t-eioscatalyst_3750x-48pf-scatalyst_3750x-48t-ecatalyst_2960xr-24ps-lie_2000-16tc-g-n_industrial_ethernet_switchcatalyst_3560-24tscatalyst_3560g-24tscatalyst_2960xr-48lpd-lie-4000-4t4p4g-e_industrial_ethernet_switchcatalyst_3750-24fscatalyst_2960x-24td-lcatalyst_3750e-48td-scatalyst_2918-48tc-ccatalyst_2960xr-24ts-lcatalyst_3750g-24pscatalyst_switch_module_3110xcatalyst_3560x-48t-lie_2000-16tc-g_industrial_ethernet_switchcatalyst_2960l-8ts-llcatalyst_2960-plus_48tc-scatalyst_4000_supervisor_engine_ivcatalyst_3560x-24p-ecatalyst_4500_supervisor_engine_6-ecatalyst_3560e-24td-senhanced_layer_2_etherswitch_service_moduleie_2000-16t67p_industrial_ethernet_switchcatalyst_2960l-8ps-llcatalyst_3550_12gie-3010-16s-8pc_industrial_ethernet_switchcatalyst_3750g-24tie-4000-4tc4g-e_industrial_ethernet_switchgigabit_ethernet_switch_module_\(cgesm\)ie_2000-4s-ts-g_industrial_ethernet_switchcatalyst_2960x-48lps-lcatalyst_3560e-12d-ecatalyst_3560cx-8xpd-scatalyst_3750x-24s-ecatalyst_3560e-12sd-ecatalyst_3750x-24u-ecatalyst_2960l-48ps-llie_2000-8t67p_industrial_ethernet_switchcatalyst_2360-48td-scatalyst_3560x-48u-scatalyst_3560e-48pd-eembedded_service_2020_con_bcatalyst_3750x-24p-lcatalyst_2960x-48ts-lcatalyst_3750x-48pf-ecatalyst_2960l-16ts-llembedded_service_2020_concatalyst_4900mcatalyst_3560e-24pd-ecatalyst_2960xr-48ts-icatalyst_3750g-12sie_2000-8tc_industrial_ethernet_switchcatalyst_3560e-12d-scatalyst_2970g-24tscatalyst_3750-48pscatalyst_3560x-24u-scatalyst_3750x-48u-lcatalyst_2960g-48tc-lcatalyst_2960xr-48lps-lcatalyst_2960xr-48td-icatalyst_3550_48_emicatalyst_3550_24_pwrcatalyst_3560g-48tsrf_gateway_10catalyst_3750g-48tscatalyst_3550_12tcatalyst_3750g-24ts-1ucatalyst_2960cx-8pc-lcatalyst_3750x-48u-ecatalyst_2960-24lc-scatalyst_2960cpd-8tt-lcatalyst_3560cx-12pd-scatalyst_3560x-48p-lCisco IOS and IOS XE SoftwareIOS and IOS XE
CWE ID-CWE-20
Improper Input Validation
CVE-2007-0213
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-10||HIGH
EPSS-83.33% / 99.22%
||
7 Day CHG~0.00%
Published-08 May, 2007 | 23:00
Updated-07 Aug, 2024 | 12:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-exchange_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5817
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-83.65% / 99.24%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
CVE-2017-4997
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-9.8||CRITICAL
EPSS-5.22% / 89.56%
||
7 Day CHG~0.00%
Published-29 Jun, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system.

Action-Not Available
Vendor-n/aDell Inc.
Product-emc_vasa_provider_virtual_applianceVASA Provider Virtual Appliance versions 8.3.x and prior
CWE ID-CWE-20
Improper Input Validation
CVE-2017-5815
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-9.8||CRITICAL
EPSS-61.26% / 98.25%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-16 Sep, 2024 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.

Action-Not Available
Vendor-HP Inc.Hewlett Packard Enterprise (HPE)
Product-intelligent_management_centerIntelligent Management Center (iMC) PLAT
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 11
  • 12
  • Next
Details not found