CVE-2020-6964 Information
Feb 14, 2021
cve
Description
In ApexPro Telemetry Server Versions 4.2 and prior CARESCAPE Telemetry Server v4.2 & prior Clinical Information Center (CIC) Versions 4.X and 5.X CARESCAPE Central Station (CSCS) Versions 1.X and CARESCAPE Central Station (CSCS) Versions 2.X the integrated service for keyboard switching of the affected devices could allow attackers to obtain remote keyboard input access without authentication over the network.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Reference
https://www.us-cert.gov/ics/advisories/icsma-20-023-01 https://www3.gehealthcare.com/~/media/downloads/us/support/site-planning/site-readiness/gehc-gateway_project_implementation_guide_pdf.pdf
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
CHANGED
Integrity Impact
NONE
Availability Impact
HIGH
Base Score
NONE
Base Severity
8.6
Share on: