CVE-2017-14002

Summary

GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.

Affected Software

VendorProductVersion RangeStatus
GE HealthcareGE InfiniaAllaffected

Weaknesses

  • CWE-287: IMPROPER AUTHENTICATION CWE-287 The affected devices use default or hard-coded credentials.

ADP Enrichment

CVE Program Container

Additional References

References