Optima Mr360 Firmware Security Vulnerabilities

CVE-2020-25179

GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the...

CVE-2020-25175

GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the...

CVE-2010-5307

The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the admin account, and (3) adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default,...

CVE-2010-5308

GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. NOTE: this might not qualify for inclusion in CVE if unauthenticated emergency access.....