CVE-2020-6964

Published: 24/01/2020 Updated: 17/03/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 8.6 | Impact Score: 4 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X and CARESCAPE Central Station (CSCS) Versions 2.X, the integrated service for keyboard switching of the affected devices could allow malicious users to obtain remote keyboard input access without authentication over the network.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gehealthcare apexpro telemetry server firmware
gehealthcare carescape central station mai700 firmware 1.0
gehealthcare carescape central station mai700 firmware 2.0
gehealthcare carescape central station mas700 firmware 1.0
gehealthcare carescape central station mas700 firmware 2.0
gehealthcare clinical information center mp100d firmware 4.0
gehealthcare clinical information center mp100d firmware 5.0
gehealthcare clinical information center mp100r firmware 4.0
gehealthcare clinical information center mp100r firmware 5.0
gehealthcare carescape telemetry server mp100r firmware

CWE-306 https://www3.gehealthcare.com/~/media/downloads/us/support/site-planning/site-readiness/gehc-gateway_project_implementation_guide_pdf.pdf https://www.us-cert.gov/ics/advisories/icsma-20-023-01 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-6964

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect