Arbitrary file upload in GE products - CVE-2020-6965
Published: January 24, 2020
Affected products:
- ApexPro Telemetry Server
- CARESCAPE Telemetry Server
- Clinical Information Center (CIC)
- CARESCAPE Monitor B450
- CARESCAPE Monitor B650
- CARESCAPE Monitor B850
- CARESCAPE Central Station (CSCS)
Detailed vulnerability description
The vulnerability allows a remote attacker to compromise the vulnerable system.
The vulnerability exists due to insufficient validation of file uploads in the software update mechanism. A remote authenticated attacker can upload arbitrary files onto the system through a crafted update package.
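The advisory names the root cause as insufficient validation of update-package contents, but does not describe the actual update format or verification logic of the GE products. The following is an added illustration, not code from GE or from the advisory, of the checks an update installer should perform before any file from a package reaches disk: rejecting entry names that escape the install root, restricting file types and sizes, and verifying an integrity signature over exactly the set of files that passed those checks. The ZIP layout, the "MANIFEST.sig" entry name, the allowed suffixes and the signing key are all constructed assumptions for this example; HMAC-SHA256 stands in for the asymmetric signature a real device would verify against a vendor public key.

```python
import hashlib
import hmac
import io
import posixpath
import zipfile

# Constructed for this example only. A production installer would hold a vendor
# public key and verify an asymmetric signature instead of a shared HMAC key.
DEMO_SIGNING_KEY = b"example-update-signing-key-not-real"
ALLOWED_SUFFIXES = (".bin", ".cfg")          # assumed payload types
MAX_ENTRY_BYTES = 5 * 1024 * 1024            # assumed per-file size cap
SIGNATURE_ENTRY = "MANIFEST.sig"             # assumed name of the signature entry


def compute_signature(files, key):
    """HMAC over (name, sha256(content)) of every payload file, in sorted order."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for name in sorted(files):
        h.update(name.encode() + b"\0" + hashlib.sha256(files[name]).digest())
    return h.hexdigest()


def build_package(files, key=DEMO_SIGNING_KEY, sign=True):
    """Build an in-memory update package (ZIP) from {name: bytes}; used for test input."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in files.items():
            zf.writestr(name, data)
        if sign:
            zf.writestr(SIGNATURE_ENTRY, compute_signature(files, key))
    return buf.getvalue()


def is_safe_relative_path(name):
    """Accept only normalized, relative, forward-slash paths with no '..' components."""
    if not name or name.startswith(("/", "\\")) or "\\" in name:
        return False
    if ".." in name.split("/"):
        return False
    # normpath changes './x', 'a//b' and trailing slashes; a safe name must round-trip unchanged
    return posixpath.normpath(name) == name


def validate_update_package(package_bytes, key=DEMO_SIGNING_KEY):
    """Return (ok, reasons). Nothing is written to disk; callers extract only on ok=True."""
    reasons = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(package_bytes))
    except zipfile.BadZipFile:
        return False, ["not a zip archive"]
    with zf:
        if SIGNATURE_ENTRY not in zf.namelist():
            return False, ["missing signature"]
        payload = {}
        for info in zf.infolist():
            name = info.filename
            if name == SIGNATURE_ENTRY:
                continue
            if not is_safe_relative_path(name):
                reasons.append(f"unsafe path: {name!r}")
                continue
            if not name.endswith(ALLOWED_SUFFIXES):
                reasons.append(f"disallowed file type: {name!r}")
                continue
            if info.file_size > MAX_ENTRY_BYTES:
                reasons.append(f"entry too large: {name!r}")
                continue
            payload[name] = zf.read(name)
        if reasons:
            return False, reasons
        # The signature is computed over the validated set, so adding, removing or
        # altering any entry invalidates it.
        expected = compute_signature(payload, key)
        presented = zf.read(SIGNATURE_ENTRY).decode(errors="replace")
        if not hmac.compare_digest(expected, presented):
            return False, ["signature mismatch"]
    return True, []


if __name__ == "__main__":
    good = build_package({"firmware.bin": b"\x00" * 16, "settings.cfg": b"x=1"})
    print(validate_update_package(good))
    print(validate_update_package(build_package({"../../outside.cfg": b"x"})))
```

The order of the checks matters: path and type filtering run before the signature check so that a package is rejected as malformed even when it carries a valid signature, and the signature is bound to the filtered file set so that the installer never trusts an entry it did not account for.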
Note: This vulnerability affects the following versions of GE products:
- Clinical Information Center (CIC), Versions 4.X and 5.X
- CARESCAPE Central Station (CSCS), Versions 1.X
- B450, Version 2.X
- B650, Version 1.X
- B650, Version 2.X
- B850, Version 1.X
- B850, Version 2.X