CVE-2019-10966
CVE-2019-10966 affects GE Aestiva and Aespire anesthesia devices (7100/7900) where serial ports extended to TCP/IP via an unsecured terminal server. Root cause is improper authentication, enabling remote modification of device configuration and silencing of alarms without user interaction. The IC...