Vulnerability Description
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gehealthcare | 3.0T Signa Hdxt Firmware | - |
| Gehealthcare | 3.0T Signa Hdxt | - |
| Gehealthcare | 3.0T Signa Hd 16 Firmware | - |
| Gehealthcare | 3.0T Signa Hd 16 | - |
| Gehealthcare | 3.0T Signa Hd 23 Firmware | - |
| Gehealthcare | 3.0T Signa Hd 23 | - |
| Gehealthcare | 1.5T Brivo Mr355 Firmware | - |
| Gehealthcare | 1.5T Brivo Mr355 | - |
| Gehealthcare | Optima Mr360 Firmware | - |
| Gehealthcare | Optima Mr360 | - |
| Gehealthcare | Signa Hdi 1.5T Firmware | - |
| Gehealthcare | Signa Hdi 1.5T | - |
| Gehealthcare | Signa Vibrant Firmware | - |
| Gehealthcare | Signa Vibrant | - |
| Gehealthcare | Logiq 5 Bt03 Firmware | - |
| Gehealthcare | Logiq 5 Bt03 | - |
| Gehealthcare | Logiq 7 Bt03 Firmware | - |
| Gehealthcare | Logiq 7 Bt03 | - |
| Gehealthcare | Logiq 7 Bt04 Firmware | - |
| Gehealthcare | Logiq 7 Bt04 | - |
Related Weaknesses (CWE)
References
- https://us-cert.cisa.gov/ics/advisories/icsma-20-343-01Third Party AdvisoryUS Government Resource
- https://us-cert.cisa.gov/ics/advisories/icsma-20-343-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2020-25175?
CVE-2020-25175 is a vulnerability with a CVSS score of 9.8 (CRITICAL). GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.
How severe is CVE-2020-25175?
CVE-2020-25175 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-25175?
Check the references section above for vendor advisories and patch information. Affected products include: Gehealthcare 3.0T Signa Hdxt Firmware, Gehealthcare 3.0T Signa Hdxt, Gehealthcare 3.0T Signa Hd 16 Firmware, Gehealthcare 3.0T Signa Hd 16, Gehealthcare 3.0T Signa Hd 23 Firmware.