CVE-2017-14006

Summary

GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.

Affected Software

VendorProductVersion RangeStatus
GE HealthcareGE Xeleris1.0,1.1,2.1,3.0,3.1affected

Weaknesses

  • CWE-287: IMPROPER AUTHENTICATION CWE-287 The affected devices use default or hard-coded credentials.

ADP Enrichment

CVE Program Container

Additional References

References