Описание
Multiple globally default credentials exist across all CMS8000 devices, that once exposed, allow a threat actor with momentary physical access to gain privileged access to any device. Privileged credential access enables the extraction of sensitive patient information or modification of device parameters
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:contechealth:cms8000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:contechealth:cms8000:-:*:*:*:*:*:*:*
EPSS
Процентиль: 22%
0.0007
Низкий
4.3 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-798
CWE-798
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
Multiple globally default credentials exist across all CMS8000 devices, that once exposed, allow a threat actor with momentary physical access to gain privileged access to any device. Privileged credential access enables the extraction of sensitive patient information or modification of device parameters
EPSS
Процентиль: 22%
0.0007
Низкий
4.3 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-798
CWE-798