CVE-2024-50593

CVE-2024-50593: Hardcoded Service Password

Vendor Hasomed
Product Elefant
Weakness CWE-798 · Hardcoded credentials
Published November 8, 2024
Last update November 3, 2025

CVSS base score

What the vulnerability does

01Description

An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded "Hotline" password in the Elefant service binary, which is shipped with the software.

Key dates

02Disclosure timeline

November 8, 2024 CVE published
November 3, 2025 Record updated