CVE-2002-2446

Published: Aug 4, 2015Modified: May 6, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which has unspecified impact and attack vectors.

Affected (3)

Products: Gehealthcare: Millennium Mg Firmware, Millennium Myosight Firmware, Millennium Nc Firmware

Gehealthcare

3 products

Millennium Mg Firmware

Millennium Myosight Firmware

Millennium Nc Firmware

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Gehealthcare Millennium Mg Firmware	All versions
Gehealthcare Millennium Myosight Firmware	All versions
Gehealthcare Millennium Nc Firmware	All versions

Related CWEs

CWE-255

References (10)

http://apps.gehealthcare.com/servlet/ClientServlet/2338955-100.pdf?REQ=RAA&DIRECTION=2338955-100&FILENAME=2338955-100.pdf&FILEREV=1&DOCREV_ORG=1

Source: cve@mitre.org

http://apps.gehealthcare.com/servlet/ClientServlet/2354459-100.pdf?REQ=RAA&DIRECTION=2354459-100&FILENAME=2354459-100.pdf&FILEREV=4&DOCREV_ORG=4

Source: cve@mitre.org

http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/

Source: cve@mitre.org

https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02

Source: cve@mitre.org

https://twitter.com/digitalbond/status/619250429751222277

Source: cve@mitre.org

http://apps.gehealthcare.com/servlet/ClientServlet/2338955-100.pdf?REQ=RAA&DIRECTION=2338955-100&FILENAME=2338955-100.pdf&FILEREV=1&DOCREV_ORG=1