Filtered by vendor Natus Subscriptions
Total 9 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-47800 1 Natus 2 Neuroworks Eeg, Sleepworks 2024-11-21 9.8 Critical
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL services.
CVE-2017-2869 1 Natus 1 Xltek Neuroworks 2024-11-21 9.8 Critical
An exploitable code execution vulnerability exists in the OpenProducer functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2017-2868 1 Natus 1 Xltek Neuroworks 2024-11-21 9.8 Critical
An exploitable code execution vulnerability exists in the NewProducerStream functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2017-2867 1 Natus 1 Xltek Neuroworks 2024-11-21 9.8 Critical
An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can a malicious packet to trigger this vulnerability.
CVE-2017-2861 1 Natus 1 Xltek Neuroworks 2024-11-21 7.5 High
An exploitable Denial of Service vulnerability exists in the use of a return value in the NewProducerStream command in Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out of bounds read resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2017-2860 1 Natus 1 Xltek Neuroworks 2024-11-21 7.5 High
An exploitable denial-of-service vulnerability exists in the lookup entry functionality of KeyTrees in Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2017-2858 1 Natus 1 Xltek Neuroworks 2024-11-21 7.5 High
An exploitable denial-of-service vulnerability exists in the traversal of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2017-2853 1 Natus 1 Xltek Neuroworks 2024-11-21 9.8 Critical
An exploitable Code Execution vulnerability exists in the RequestForPatientInfoEEGfile functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in arbitrary command execution. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2017-2852 1 Natus 1 Xltek Neuroworks 2024-11-21 7.5 High
An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability.