VYPR
Vendor

Gehealthcare

Products
40
CVEs
43
Across products
59
Status
Private

Products

40
View all 40 products →

Recent CVEs

43
View all 43 CVEs →
  • CVE-2020-6966CriJan 24, 2020
    risk 0.65cvss 10.0epss 0.02

    In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilize a weak encryption scheme for remote desktop control,…

  • CVE-2020-6962CriJan 24, 2020
    risk 0.65cvss 10.0epss 0.05

    In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSCS) Versions 1.X CARESCAPE Central Station (CSCS) Versions…

  • CVE-2020-6961CriJan 24, 2020
    risk 0.65cvss 10.0epss 0.02

    In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSCS) Versions 1.X, a vulnerability exists in the affected…

  • CVE-2020-25175CriDec 14, 2020
    risk 0.64cvss 9.8epss 0.01

    GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.

  • CVE-2020-6965CriJan 24, 2020
    risk 0.64cvss 9.9epss 0.01

    In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850…

  • CVE-2017-14008CriMar 20, 2018
    risk 0.64cvss 9.8epss 0.03

    GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.

  • CVE-2017-14006CriMar 20, 2018
    risk 0.64cvss 9.8epss 0.02

    GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the…

  • CVE-2017-14004CriMar 20, 2018
    risk 0.64cvss 9.8epss 0.02

    GE GEMNet License server (EchoServer) all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.

  • CVE-2017-14002CriMar 20, 2018
    risk 0.64cvss 9.8epss 0.05

    GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected…

  • CVE-2024-27107CriMay 14, 2024
    risk 0.62cvss 9.6epss 0.00

    Weak account password in GE HealthCare EchoPAC products

  • CVE-2020-6964HigJan 24, 2020
    risk 0.56cvss 8.6epss 0.01

    In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X and CARESCAPE Central Station (CSCS) Versions 2.X, the integrated service for…

  • CVE-2024-27110HigMay 14, 2024
    risk 0.55cvss 8.4epss 0.00

    Elevation of privilege vulnerability in GE HealthCare EchoPAC products

  • CVE-2024-1630HigMay 14, 2024
    risk 0.50cvss 7.7epss 0.00

    Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component

  • CVE-2024-27109HigMay 14, 2024
    risk 0.49cvss 7.6epss 0.00

    Insufficiently protected credentials in GE HealthCare EchoPAC products

  • CVE-2024-27108MedMay 14, 2024
    risk 0.44cvss 6.8epss 0.00

    Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products

  • CVE-2024-1629MedMay 14, 2024
    risk 0.40cvss 6.2epss 0.00

    Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component

  • CVE-2024-27106MedMay 14, 2024
    risk 0.37cvss 5.7epss 0.00

    Vulnerable data in transit in GE HealthCare EchoPAC products

  • CVE-2014-9736Aug 4, 2015
    risk 0.00cvss epss 0.02

    GE Healthcare Centricity Clinical Archive Audit Trail Repository has a default password of initinit for the (1) SSL key manager and (2) server keystore; (3) keystore_password for the server truststore; and atna for the (4) primary storage database and (5) archive storage…

  • CVE-2014-7233Aug 4, 2015
    risk 0.00cvss epss 0.02

    GE Healthcare Precision THUNIS-800+ has a default password of (1) 1973 for the factory default System Utilities menu, (2) TH8740 for installation using TH8740_122_Setup.exe, (3) hrml for "Setup and Activation" using DSASetup, and (4) an empty string for Shutter Configuration,…

  • CVE-2014-7232Aug 4, 2015
    risk 0.00cvss epss 0.02

    GE Healthcare Discovery XR656 and XR656 G2 has a password of (1) 2getin for the insite user, (2) 4$xray for the xruser user, and (3) #superxr for the root user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default,…