Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:58 a.m.9 views

CVE-2023-47800

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...

9.8CVSS8.3AI score0.01414EPSS
Exploits1References1
NVD
NVD
added 2023/11/10 7:15 a.m.32 views

CVE-2023-47800

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...

9.8CVSS0.01414EPSS
Exploits1References2
OSV
OSV
added 2023/11/10 7:15 a.m.3 views

CVE-2023-47800

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...

9.8CVSS6.1AI score0.01414EPSS
Exploits1References2
Prion
Prion
added 2023/11/10 7:15 a.m.21 views

Default credentials

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...

7.5CVSS8.8AI score0.01414EPSS
Exploits1References2Affected Software2
Cvelist
Cvelist
added 2023/11/10 12:0 a.m.29 views

CVE-2023-47800

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...

10AI score0.01414EPSS
Exploits1References2
CVE
CVE
added 2023/11/10 12:0 a.m.33 views

CVE-2023-47800

CVE-2023-47800 affects Natus NeuroWorks and SleepWorks prior to version 8.4 GMA3. The root cause is a default password (xltek) on the Microsoft SQL Server service account sa, enabling a threat actor to perform remote code execution, data exfiltration, or data/tampering and disruption of MSSQL ser...

9.8CVSS9.8AI score0.01414EPSS
Exploits1References2Affected Software2
CNNVD
CNNVD
added 2023/11/10 12:0 a.m.6 views

Natus NeuroWorks Security Breach

Natus NeuroWorks is EEG analysis software from Natus. A security vulnerability exists in Natus NeuroWorks EEG Software prior to version 8.4 GMA3, which stems from the use of a default password for the Microsoft SQL Server service sa account, allowing an attacker to execute remote code or disclose...

9.8CVSS8.2AI score0.01414EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/11/09 12:0 a.m.6 views

PT-2023-30615 · Natus +1 · Natus Neuroworks +2

Name of the Vulnerable Software and Affected Versions: Natus NeuroWorks and SleepWorks versions prior to 8.4 GMA3 Description: The issue arises from the use of a default password xltek for the Microsoft SQL Server service sa account in Natus NeuroWorks and SleepWorks. This allows a threat actor t...

9.8CVSS9.8AI score0.01414EPSS
Exploits1References5
Talos Blog
Talos Blog
added 2018/10/30 11:13 a.m.18 views

Talos Vulnerability Discovery Year in Review - 2018

Introduction Cisco Talos' Vulnerability Discovery Team investigates software and operating system vulnerabilities in order to discover them before malicious threat actors. We provide this information to vendors so that they can create patches and protect their customers as soon as possible. We...

Exploits0
CNVD
CNVD
added 2018/06/21 12:0 a.m.2 views

Natus Xltek NeuroWorks Buffer Overflow Vulnerability (CNVD-2018-12131)

Natus Xltek NeuroWorks is a suite of versatile software platforms for EEG testing, long-term monitoring, ICU monitoring and sleep studies from Natus Medical, USA. A buffer overflow vulnerability exists in the NewProducerStream feature in Natus Xltek NeuroWorks version 9. A remote attacker could...

10CVSS9.6AI score0.02631EPSS
Exploits0References1
OSV
OSV
added 2018/06/01 3:29 p.m.5 views

CVE-2017-2852

An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this...

7.5CVSS5.8AI score0.01388EPSS
Exploits0References2
Talos Blog
Talos Blog
added 2018/05/31 12:34 p.m.109 views

Vulnerability Spotlight: Natus NeuroWorks Multiple Vulnerabilites

Vulnerabilities discovered by Cory Duplantis from Talos Overview In April 2018, Talos published 5 vulnerabilities in Natus NeuroWorks software. We have also identified 3 additional vulnerabilities. This software is used in the Natus Xltek EEG medical products from Natus Medical Inc. The vulnerabl...

7.5CVSS1.2AI score0.03436EPSS
Exploits0
Talos Blog
Talos Blog
added 2018/04/04 11:30 a.m.164 views

Vulnerability Spotlight: Natus NeuroWorks Multiple Vulnerabilities

Vulnerabilities discovered by Cory Duplantis from Talos Overview Talos has discovered multiple vulnerabilities in Natus NeuroWorks software. This software is used in the Natus Xltek EEG medical products from Natus Medical Inc. The vulnerable devices contain an ethernet connection for data...

7.5CVSS10.3AI score0.03436EPSS
Exploits0
Talos
Talos
added 2018/04/04 12:0 a.m.101 views

Natus Xltek EEG NeuroWorks SavePatientMontage Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can a malicious packet to trigger this vulnerability. Teste...

9.8CVSS9.7AI score0.02314EPSS
Exploits0
Rows per page
Query Builder