Vulnerability Details CVE-2020-6964
In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X and CARESCAPE Central Station (CSCS) Versions 2.X, the integrated service for keyboard switching of the affected devices could allow attackers to obtain remote keyboard input access without authentication over the network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.4%
CVSS Severity
CVSS v3 Score 8.6
CVSS v2 Score 5.0
References
Products affected by CVE-2020-6964
-
cpe:2.3:h:gehealthcare:apexpro_telemetry_server:-
-
cpe:2.3:h:gehealthcare:carescape_central_station_mai700:-
-
cpe:2.3:h:gehealthcare:carescape_central_station_mas700:-
-
cpe:2.3:h:gehealthcare:carescape_telemetry_server_mp100r:-
-
cpe:2.3:h:gehealthcare:clinical_information_center_mp100d:-
-
cpe:2.3:h:gehealthcare:clinical_information_center_mp100r:-
-
cpe:2.3:o:gehealthcare:apexpro_telemetry_server_firmware:3.9
-
cpe:2.3:o:gehealthcare:apexpro_telemetry_server_firmware:4.0
-
cpe:2.3:o:gehealthcare:apexpro_telemetry_server_firmware:4.1
-
cpe:2.3:o:gehealthcare:apexpro_telemetry_server_firmware:4.2
-
cpe:2.3:o:gehealthcare:carescape_central_station_mai700_firmware:1.0
-
cpe:2.3:o:gehealthcare:carescape_central_station_mai700_firmware:2.0
-
cpe:2.3:o:gehealthcare:carescape_central_station_mas700_firmware:1.0
-
cpe:2.3:o:gehealthcare:carescape_central_station_mas700_firmware:2.0
-
cpe:2.3:o:gehealthcare:carescape_telemetry_server_mp100r_firmware:4.2
-
cpe:2.3:o:gehealthcare:clinical_information_center_mp100d_firmware:4.0
-
cpe:2.3:o:gehealthcare:clinical_information_center_mp100d_firmware:5.0
-
cpe:2.3:o:gehealthcare:clinical_information_center_mp100r_firmware:4.0
-
cpe:2.3:o:gehealthcare:clinical_information_center_mp100r_firmware:5.0