CVE-2023-47800

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...

CVE-2023-47800

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...

Default credentials

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...

CVE-2023-47800

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL...

PT-2023-30615 · Natus +1 · Natus Neuroworks +2

Name of the Vulnerable Software and Affected Versions: Natus NeuroWorks and SleepWorks versions prior to 8.4 GMA3 Description: The issue arises from the use of a default password xltek for the Microsoft SQL Server service sa account in Natus NeuroWorks and SleepWorks. This allows a threat actor t...

Natus Xltek NeuroWorks

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Natus Medical, Inc. Natus Equipment: Natus Xltek NeuroWorks software Vulnerabilities: Stack-Based Buffer Overflow, Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of these...