CVE-2018-8867

Name of the Vulnerable Software and Affected Versions GE PACSystems RX3i CPE305/310 versions 9.20 and prior GE PACSystems RX3i CPE330 version 9.21 and prior GE PACSystems RX3i CPE 400 version 9.30 and prior GE PACSystems RSTi-EP CPE 100 all versions GE PACSystems CPU320/CRU320 RXi all versions

Description The device does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the device to become unavailable.

Recommendations For GE PACSystems RX3i CPE305/310 versions 9.20 and prior, update to a version later than 9.20. For GE PACSystems RX3i CPE330 version 9.21 and prior, update to a version later than 9.21. For GE PACSystems RX3i CPE 400 version 9.30 and prior, update to a version later than 9.30. For GE PACSystems RSTi-EP CPE 100 all versions, consider implementing additional security measures to prevent remote attacks. For GE PACSystems CPU320/CRU320 RXi all versions, consider implementing additional security measures to prevent remote attacks.