CVE-2023-47800

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...

Natus NeuroWorks Security Breach

Natus NeuroWorks is EEG analysis software from Natus. A security vulnerability exists in Natus NeuroWorks EEG Software prior to version 8.4 GMA3, which stems from the use of a default password for the Microsoft SQL Server service sa account, allowing an attacker to execute remote code or disclose...

Natus Xltek NeuroWorks Buffer Overflow Vulnerability (CNVD-2018-12131)

Natus Xltek NeuroWorks is a suite of versatile software platforms for EEG testing, long-term monitoring, ICU monitoring and sleep studies from Natus Medical, USA. A buffer overflow vulnerability exists in the NewProducerStream feature in Natus Xltek NeuroWorks version 9. A remote attacker could...

CVE-2017-2852

An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this...