CVE-2020-6963

EPSS 2.7%CWE-798

Vexday Risk Score

3Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS —EPSS 2.7%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

24 jan 2020Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilized hard coded SMB credentials, which may allow an attacker to remotely execute arbitrary code.

Produtos afetados

n/a · GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.us-cert.gov/ics/advisories/icsma-20-023-01