Assigner | GEHC |
Reserved | 2024-02-13 |
Published | 2024-05-14 |
Updated | 2024-05-14 |
Description
Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Problem types
CWE-732 Incorrect Permission Assignment for Critical Resource
Product status
R1
R2
R3
R4
R2
R3
R4
R3
R4
R7
R8
R9
Any version
E95 before 206
E90 before 206
E80 before 206
E9 113.2
70N before 206
60N before 206
T8 before 206
T9 before 206
Any version before 206
1.2.3
Any version before 2.2.9
Credits
Andrea Palanca and Gabriele Quagliarella of Nozomi Networks
References
https://securityupdate.gehealthcare.com/