7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.8 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.6%
A restricted desktop environment escape vulnerability exists in the Kiosk Mode functionality of affected devices. Specially crafted inputs can allow the user to escape the restricted environment, resulting in access to the underlying operating system. Affected devices include the following GE Ultrasound Products: Vivid products - all versions; LOGIQ - all versions not including LOGIQ 100 Pro; Voluson - all versions; Versana Essential - all versions; Invenia ABUS Scan station - all versions; Venue - all versions not including Venue 40 R1-3 and Venue 50 R4-5
CPE | Name | Operator | Version |
---|---|---|---|
ge:vivid_e95_firmware | ge vivid e95 firmware | eq | * |
[
{
"product": "GE Ultrasound Products",
"vendor": "GE",
"versions": [
{
"status": "affected",
"version": "Vivid products - all versions"
},
{
"status": "affected",
"version": "LOGIQ - all versions not including LOGIQ 100 Pro"
},
{
"status": "affected",
"version": "Voluson - all versions"
},
{
"status": "affected",
"version": "Versana Essential - all versions"
},
{
"status": "affected",
"version": "Invenia ABUS Scan station - all versions"
},
{
"status": "affected",
"version": "Venue - all versions not including Venue 40 R1-3 and Venue 50 R4-5"
}
]
}
]
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.8 Medium
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.6%