Vulnerability CVE-2009-5143


Published: 2015-08-04

Description:
GE Healthcare Discovery 530C has a password of #bigguy1 for the (1) acqservice user and (2) wsservice user of the Xeleris System, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Type:

CWE-255

(Credentials Management)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Gehealthcare -> Discovery 530c firmware 

 References:
http://apps.gehealthcare.com/servlet/ClientServlet/5323167-1EN_r2.pdf?REQ=RAA&DIRECTION=5323167-1EN&FILENAME=5323167-1EN_r2.pdf&FILEREV=2&DOCREV_ORG=2
http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
https://twitter.com/digitalbond/status/619250429751222277

Copyright 2024, cxsecurity.com

 

Back to Top