GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02 | Mitigation Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
|
Information
Published : 2018-03-20 09:29
Updated : 2019-10-09 16:23
NVD link : CVE-2017-14006
Mitre link : CVE-2017-14006
JSON object : View
CWE
CWE-798
Use of Hard-coded Credentials
Products Affected
ge
- xeleris