CVE-2024-50593

Published at:
2024-11-08T12:15:15.037
Source: 551230f0-3615-47bd-b7cc-93e92e730bbf

Global infos:

An attacker with local access to the medical office computer can access restricted functions of the Elefant Service tool by using a hard-coded "Hotline" password in the Elefant service binary, which is shipped with the software.

CVE Status: Awaiting Analysis

References:

  • 551230f0-3615-47bd-b7cc-93e92e730bbf
  • 551230f0-3615-47bd-b7cc-93e92e730bbf
    •

    Metrics:

    AttributeValue
    Attack ComplexityLOW
    Attack VectorLOCAL
    Availability ImpactHIGH
    Base Score7.8
    Base SeverityHIGH
    Confidentiality ImpactHIGH
    Integrity ImpactHIGH
    Privileges RequiredLOW
    ScopeUNCHANGED
    User InteractionNONE
    Vector StringCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Exploitability Score1.8
    Impact Score5.9
    Source134c704f-9b21-4f2e-91b3-4a467353bcc0
    TypeSecondary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords