14 matches found
CVE-2023-47800
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...
CVE-2023-47800
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...
CVE-2023-47800
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...
Default credentials
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...
CVE-2023-47800
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...
CVE-2023-47800
CVE-2023-47800 affects Natus NeuroWorks and SleepWorks prior to version 8.4 GMA3. The root cause is a default password (xltek) on the Microsoft SQL Server service account sa, enabling a threat actor to perform remote code execution, data exfiltration, or data/tampering and disruption of MSSQL ser...
Natus NeuroWorks Security Breach
Natus NeuroWorks is EEG analysis software from Natus. A security vulnerability exists in Natus NeuroWorks EEG Software prior to version 8.4 GMA3, which stems from the use of a default password for the Microsoft SQL Server service sa account, allowing an attacker to execute remote code or disclose...
PT-2023-30615 · Natus +1 · Natus Neuroworks +2
Name of the Vulnerable Software and Affected Versions: Natus NeuroWorks and SleepWorks versions prior to 8.4 GMA3 Description: The issue arises from the use of a default password xltek for the Microsoft SQL Server service sa account in Natus NeuroWorks and SleepWorks. This allows a threat actor t...
Talos Vulnerability Discovery Year in Review - 2018
Introduction Cisco Talos' Vulnerability Discovery Team investigates software and operating system vulnerabilities in order to discover them before malicious threat actors. We provide this information to vendors so that they can create patches and protect their customers as soon as possible. We...
Natus Xltek NeuroWorks Buffer Overflow Vulnerability (CNVD-2018-12131)
Natus Xltek NeuroWorks is a suite of versatile software platforms for EEG testing, long-term monitoring, ICU monitoring and sleep studies from Natus Medical, USA. A buffer overflow vulnerability exists in the NewProducerStream feature in Natus Xltek NeuroWorks version 9. A remote attacker could...
CVE-2017-2852
An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this...
Vulnerability Spotlight: Natus NeuroWorks Multiple Vulnerabilites
Vulnerabilities discovered by Cory Duplantis from Talos Overview In April 2018, Talos published 5 vulnerabilities in Natus NeuroWorks software. We have also identified 3 additional vulnerabilities. This software is used in the Natus Xltek EEG medical products from Natus Medical Inc. The vulnerabl...
Vulnerability Spotlight: Natus NeuroWorks Multiple Vulnerabilities
Vulnerabilities discovered by Cory Duplantis from Talos Overview Talos has discovered multiple vulnerabilities in Natus NeuroWorks software. This software is used in the Natus Xltek EEG medical products from Natus Medical Inc. The vulnerable devices contain an ethernet connection for data...
Natus Xltek EEG NeuroWorks SavePatientMontage Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can a malicious packet to trigger this vulnerability. Teste...