Vulnerability Description
GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gehealthcare | Precision Mpi | All versions |
Related Weaknesses (CWE)
References
- http://apps.gehealthcare.com/servlet/ClientServlet/2407310-100+Vol.+F_Rev1.pdf?R
- http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
- https://twitter.com/digitalbond/status/619250429751222277
- http://apps.gehealthcare.com/servlet/ClientServlet/2407310-100+Vol.+F_Rev1.pdf?R
- http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
- https://twitter.com/digitalbond/status/619250429751222277
FAQ
What is CVE-2012-6660?
CVE-2012-6660 is a vulnerability with a CVSS score of 10.0 (HIGH). GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact ...
How severe is CVE-2012-6660?
CVE-2012-6660 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-6660?
Check the references section above for vendor advisories and patch information. Affected products include: Gehealthcare Precision Mpi.