Clinical Information Center Mp100r Firmware

clinical_information_center_mp100r_firmware

Vendor: Gehealthcare • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-6966 1Gehealthcare 6Apexpro Telemetry Server Firmware Carescape Central Station Mai700 FirmwareCarescape Central Station Mas700 Firmware+3 more Nov 21, 2024 Jan 24, 2020 N/A· v4 10.0 CRITICAL· v3 10.0 HIGH· v2 In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products ut...Show more In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilize a weak encryption scheme for remote desktop control, which may allow an attacker to obtain remote code execution of devices on the network.Show less
CVE-2020-6965 1Gehealthcare 9Apexpro Telemetry Server Firmware Carescape B450 Monitor FirmwareCarescape B650 Monitor Firmware+6 more Nov 21, 2024 Jan 24, 2020 N/A· v4 9.9 CRITICAL· v3 6.5 MEDIUM· v2 In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, B450 Version 2.X, B650 V...Show more In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850 Version 2.X, a vulnerability in the software update mechanism allows an authenticated attacker to upload arbitrary files on the system through a crafted update package.Show less
CVE-2020-6964 1Gehealthcare 6Apexpro Telemetry Server Firmware Carescape Central Station Mai700 FirmwareCarescape Central Station Mas700 Firmware+3 more Nov 21, 2024 Jan 24, 2020 N/A· v4 8.6 HIGH· v3 5.0 MEDIUM· v2 In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X and CARESCAPE Central Sta...Show more In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X and CARESCAPE Central Station (CSCS) Versions 2.X, the integrated service for keyboard switching of the affected devices could allow attackers to obtain remote keyboard input access without authentication over the network.Show less
CVE-2020-6963 1Gehealthcare 6Apexpro Telemetry Server Firmware Carescape Central Station Mai700 FirmwareCarescape Central Station Mas700 Firmware+3 more Nov 21, 2024 Jan 24, 2020 N/A· v4 10.0 CRITICAL· v3 10.0 HIGH· v2 In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products ut...Show more In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilized hard coded SMB credentials, which may allow an attacker to remotely execute arbitrary code.Show less
CVE-2020-6962 1Gehealthcare 9Apexpro Telemetry Server Firmware Carescape B450 Monitor FirmwareCarescape B650 Monitor Firmware+6 more Nov 21, 2024 Jan 24, 2020 N/A· v4 10.0 CRITICAL· v3 10.0 HIGH· v2 In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSC...Show more In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSCS) Versions 1.X CARESCAPE Central Station (CSCS) Versions 2.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850 Version 2.X, an input validation vulnerability exists in the web-based system configuration utility that could allow an attacker to obtain arbitrary remote code execution.Show less
CVE-2020-6961 1Gehealthcare 6Apexpro Telemetry Server Firmware Carescape Central Station Mai700 FirmwareCarescape Central Station Mas700 Firmware+3 more Nov 21, 2024 Jan 24, 2020 N/A· v4 10.0 CRITICAL· v3 7.5 HIGH· v2 In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSC...Show more In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSCS) Versions 1.X, a vulnerability exists in the affected products that could allow an attacker to obtain access to the SSH private key in configuration files.Show less