CVE-2024-50593
CVSS V2 None
CVSS V3 None
Description
An attacker with local access to the medical office computer can
access restricted functions of the Elefant Service tool by using a
hard-coded "Hotline" password in the Elefant service binary, which is shipped with the software.
Overview
- CVE ID
- CVE-2024-50593
- Assigner
- SEC-VLab
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-08T12:06:28.619Z
- Last Modified Date
- 2024-11-08T15:41:42.624Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://r.sec-consult.com/hasomed | third-party-advisory |
| https://hasomed.de/produkte/elefant/ | patch |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-50593 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50593 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-11-09 13:25:55 | Added to TrackCVE |