Vulnerabilities > CVE-2009-5143 - Credentials Management vulnerability in Gehealthcare Discovery 530C Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
GE Healthcare Discovery 530C has a password of #bigguy1 for the (1) acqservice user and (2) wsservice user of the Xeleris System, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |
Common Weakness Enumeration (CWE)
References
- http://apps.gehealthcare.com/servlet/ClientServlet/5323167-1EN_r2.pdf?REQ=RAA&DIRECTION=5323167-1EN&FILENAME=5323167-1EN_r2.pdf&FILEREV=2&DOCREV_ORG=2
- http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
- https://twitter.com/digitalbond/status/619250429751222277