Vulnerability Details : CVE-2014-7233
GE Healthcare Precision THUNIS-800+ has a default password of (1) 1973 for the factory default System Utilities menu, (2) TH8740 for installation using TH8740_122_Setup.exe, (3) hrml for "Setup and Activation" using DSASetup, and (4) an empty string for Shutter Configuration, which has unspecified impact and attack vectors. NOTE: since these passwords appear to be used to access functionality during installation, this issue might not cross privilege boundaries and might not be a vulnerability.
Products affected by CVE-2014-7233
- cpe:2.3:h:gehealthcare:precision_thunis-800\+:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-7233
0.34%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 68 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-7233
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2014-7233
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-7233
-
https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
GE Medical Devices Vulnerability | CISA
-
http://apps.gehealthcare.com/servlet/ClientServlet/5458232-1EN+r4.pdf?REQ=RAA&DIRECTION=5458232-1EN&FILENAME=5458232-1EN%2Br4.pdf&FILEREV=4&DOCREV_ORG=4
Support Documentation Library - Support | GE Healthcare
-
http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
Vulnerable Breasts And Brains? Cancer Scan Tech Has Terrible Password Security
-
https://twitter.com/digitalbond/status/619250429751222277
Dale Peterson on Twitter: "Funny slide with GE default password word cloud. Go bigguy! #Shakacon http://t.co/t1dcIziQza"
Jump to