CVE-2020-6966

CVE-2020-6966

Vendor N/A
Product GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors
Weakness CWE-326 · Weak encryption
Published January 24, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilize a weak encryption scheme for remote desktop control, which may allow an attacker to obtain remote code execution of devices on the network.

Key dates

02Disclosure timeline

January 24, 2020 CVE published
August 4, 2024 Record updated