CVE-2017-2853

Name of the Vulnerable Software and Affected Versions: Natus Xltek NeuroWorks version 8

Description: A Code Execution issue exists in the RequestForPatientInfoEEGfile functionality. It can be triggered by a specially crafted network packet, causing a stack buffer overflow and resulting in arbitrary command execution. An attacker can exploit this by sending a malicious packet.

Recommendations: For Natus Xltek NeuroWorks version 8, consider restricting access to the RequestForPatientInfoEEGfile functionality until a patch is available. As a temporary workaround, network traffic should be monitored for suspicious packets to minimize the risk of exploitation.