CVE-2020-6977

🗓️ 20 Feb 2020 20:45:29Reported by icscertType

A restricted desktop environment escape vulnerability in Kiosk Mode functionality of affected GE Ultrasound Products

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of GE HealthCare’s ultrasonic diagnostic system’s Kiosk Mode allows intruders to bypass security restrictions, gain unauthorized access to protected information, and enhance their privileges.	11 Jun 202400:00	–	bdu_fstec
Circl	CVE-2020-6977	17 May 202417:05	–	circl
Cvelist	CVE-2020-6977	20 Feb 202020:45	–	cvelist
EUVD	EUVD-2020-28117	7 Oct 202500:30	–	euvd
ICS	GE Healthcare Ultrasound products (Update A)	18 Feb 202007:00	–	ics
NVD	CVE-2020-6977	20 Feb 202021:15	–	nvd
Prion	Authentication flaw	20 Feb 202021:15	–	prion
Positive Technologies	PT-2020-6969 · Ge Healthcare · Logiq +6	18 Feb 202000:00	–	ptsecurity
RedhatCVE	CVE-2020-6977	22 May 202517:30	–	redhatcve
The Hacker News	Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines	16 May 202410:12	–	thn

NVD

Vulners

Node

ge vivid_e95_firmware

AND

ge vivid_e95Match-

Node

ge vivid_e90_firmware

AND

ge vivid_e90Match-

Node

ge vivid_s70n_firmware

AND

ge vivid_s70nMatch-

Node

ge vivid_t8_firmware

AND

ge vivid_t8Match-

Node

ge vivid_t9_firmware

AND

ge vivid_t9Match-

Node

ge vivid_iq_firmware

AND

ge vivid_iqMatch-

Node

ge logiq_e10_firmware

AND

ge logiq_e10Match-

Node

ge logiq_e9_firmware

AND

ge logiq_e9Match-

Node

ge logiq_s8_firmware

AND

ge logiq_s8Match-

Node

ge logiq_s7_firmware

AND

ge logiq_s7Match-

Node

ge logiq_p9_firmware

AND

ge logiq_p9Match-

Node

ge logiq_e9_with_xdclear_firmware

AND

ge logiq_e9_with_xdclearMatch-

Node

ge voluson_firmware

AND

ge volusonMatch-

Node

ge versana_essential_firmware

AND

ge versana_essentialMatch-

Node

ge invenia_abus_scan_station_firmware

AND

ge invenia_abus_scan_stationMatch-

Node

ge venue_go_firmware

AND

ge venue_goMatch-

[
  {
    "product": "GE Ultrasound Products",
    "vendor": "GE",
    "versions": [
      {
        "status": "affected",
        "version": "Vivid products - all versions"
      },
      {
        "status": "affected",
        "version": "LOGIQ - all versions not including LOGIQ 100 Pro"
      },
      {
        "status": "affected",
        "version": "Voluson - all versions"
      },
      {
        "status": "affected",
        "version": "Versana Essential - all versions"
      },
      {
        "status": "affected",
        "version": "Invenia ABUS Scan station - all versions"
      },
      {
        "status": "affected",
        "version": "Venue - all versions not including Venue 40 R1-3 and Venue 50 R4-5"
      }
    ]
  }
]

Source	Link
us-cert	www.us-cert.gov/ics/advisories/icsma-20-049-02

17 Jun 2026 03:24Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.16.8

CVSS 27.2

EPSS0.00428