Vulnerability CVE-2023-47800
Published: 2023-11-10

Description:
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL services.

 References:
https://www.trustwave.com/hubfs/Web/Library/Advisories_txt/TWSL2023-006.txt
https://partner.natus.com/m/7cd3bcca88e446d4/original/NeuroWorks-SleepWorks-Product-Security-Bulletin.pdf
Copyright 2026, cxsecurity.com

 

Back to Top