CyberSec.Space Logo
Back to CVE Browser

CVE-2020-6963

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1340%
EPSS Percentile29.50th
PublishedJan 24, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilized hard coded SMB credentials, which may allow an attacker to remotely execute arbitrary code.

Affected Platforms (CPE)

πŸ’»
Gehealthcare

Apexpro Telemetry Server Firmware

<= 4.2
πŸ’»
Gehealthcare

Carescape Central Station Mai700 Firmware

= 1.0
πŸ’»
Gehealthcare

Carescape Central Station Mas700 Firmware

= 1.0
πŸ’»
Gehealthcare

Clinical Information Center Mp100d Firmware

= 4.0
πŸ’»
Gehealthcare

Clinical Information Center Mp100d Firmware

= 5.0
πŸ’»
Gehealthcare

Clinical Information Center Mp100r Firmware

= 4.0
πŸ’»
Gehealthcare

Clinical Information Center Mp100r Firmware

= 5.0
πŸ’»
Gehealthcare

Carescape Telemetry Server Mp100r Firmware

<= 4.2

References & Advisories

πŸ”— https://www.us-cert.gov/ics/advisories/icsma-20-023-01
πŸ”— https://www3.gehealthcare.com/~/media/downloads/us/support/site-planning/site-readiness/gehc-gateway_project_implementation_guide_pdf.pdf
πŸ”— https://www.us-cert.gov/ics/advisories/icsma-20-023-01

Related Vulnerabilities

CVE-2020-941110.0

The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerabilit...

CVE-2020-941210.0

The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server for IBM i contains a vulnerabilit...

CVE-2020-1249310.0

An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device wi...

CVE-2020-1460610.0

Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications (component: User Interface). Supported versi...