CVE-2020-6966

CRITICAL Year: 2020
CVSS v3 Score
10.0
Critical
CVSS v2 Score
10.0
Critical
Weakness Type
CWE-326
View all →

Vulnerability Description

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilize a weak encryption scheme for remote desktop control, which may allow an attacker to obtain remote code execution of devices on the network.

Related Vulnerabilities

CVE-2011-4121

CRITICAL
CVSS:9.8(Critical)

The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to be used for private RSA key generation. A remote attacker could use th...

CWE-3262011

CVE-2013-2166

CRITICAL
CVSS:9.8(Critical)

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass

CWE-3262013

CVE-2013-7287

CRITICAL
CVSS:9.8(Critical)

MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme.

CWE-3262013

CVE-2014-9975

CRITICAL
CVSS:9.8(Critical)

In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption.

CWE-3262014

CVE-2015-0575

CRITICAL
CVSS:9.8(Critical)

In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration.

CWE-3262015

CVE-2016-5804

CRITICAL
CVSS:9.8(Critical)

Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170 before 2.5, and MGate MB3270 before 2.7 use weak encryption, which allows remote attackers to bypass authen...

CWE-3262016