CVE-2020-6977
Published Feb 20, 2020
Last updated 5 years ago
Overview
- Description
- A restricted desktop environment escape vulnerability exists in the Kiosk Mode functionality of affected devices. Specially crafted inputs can allow the user to escape the restricted environment, resulting in access to the underlying operating system. Affected devices include the following GE Ultrasound Products: Vivid products - all versions; LOGIQ - all versions not including LOGIQ 100 Pro; Voluson - all versions; Versana Essential - all versions; Invenia ABUS Scan station - all versions; Venue - all versions not including Venue 40 R1-3 and Venue 50 R4-5
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.8
- Impact score
- 5.9
- Exploitability score
- 0.9
- Vector string
- CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:vivid_e95:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AFFA0A88-A994-439F-8A2C-C5192497F95E"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:vivid_e95_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D5CFE13-6BB7-4AB5-A7B5-E9835F57153C"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:vivid_e90:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FA30F2BA-90CD-48FF-8136-F6B803420D04"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:vivid_e90_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5626583-2827-481E-9D08-CF91B72FBB24"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:vivid_s70n:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3CE98481-E7EB-42C3-A4C3-66AB05523BC4"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:vivid_s70n_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64175A54-FECA-440D-A7EE-13787C46CCB7"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:vivid_t8:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0A4DCE57-C4F9-4A3D-8065-C347B6E2FBA2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:vivid_t8_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A732E1FF-C0BC-47A6-97C0-2ADCD3FF2F41"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:vivid_t9:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C599B7B4-79C8-4F40-877C-9A1C03CABA09"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:vivid_t9_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62FE1705-2A1A-4C86-9C0F-DA9589425EC1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:vivid_iq:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "687EB7A2-7E4D-47D3-9417-AD5B61C99950"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:vivid_iq_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36D73039-53C4-4240-9181-95A8C4983A70"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:logiq_e10:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B654C47B-9E53-436E-AF9B-5C7B9F9662D0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:logiq_e10_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B050014-FE29-447A-9F79-D81830453645"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:logiq_e9:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9119C872-186E-4030-AA29-CCF283ED4760"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:logiq_e9_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE6210B1-9F2A-411D-B593-8B4B82BFEB0B"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:logiq_s8_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6397FD39-BE3D-46C6-8EF5-197F9BDD62AD"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:logiq_s8:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "592EC130-0AC6-4CCC-B55D-564761E28AA1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:logiq_s7_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3B8A2821-540F-4432-8C64-672D5F47471A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:logiq_s7:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "721D0EC4-2C6C-4037-A6F5-2903FE96BD24"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:logiq_p9_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCB8B4F9-2988-425B-BB74-E4AFD34F3011"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:logiq_p9:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3DF46C72-0F91-415C-A66E-A36496ABBCCA"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:logiq_e9_with_xdclear_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9A7B94D-19D4-425B-8FE3-CBCBA73E1D9D"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:logiq_e9_with_xdclear:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9330CC77-EC30-44BA-9760-59B0911F8B3F"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:voluson_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A3C089D-BBD4-4A63-A054-A944225389A1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:voluson:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DF6F6762-240B-41B3-9B88-E1165AD09ECB"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:versana_essential_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DE77AE1-431F-462F-9972-E8DA61F79F92"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:versana_essential:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "24CFA4A8-8F47-47B1-A8CB-94472624ACAF"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:invenia_abus_scan_station_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "091C8777-9A9C-4E1F-9E6B-10BDFDB88B40"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:invenia_abus_scan_station:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E4D48120-6BFF-44EA-B1A8-0532C67D1346"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:venue_go_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85BECC99-91F0-43C0-A3EB-D447A9D1227B"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:venue_go:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5BFD24F4-3D3C-4545-9A02-F56429901DF8"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]