PT-2023-30615 · Natus+1 · Sleepworks+2
John Jackson · Published 2023-11-09 · Updated 2023-11-23
CVE-2023-47800
CVSS v3.1: 9.8 (Critical)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Natus NeuroWorks and SleepWorks versions prior to 8.4 GMA3
Description
The issue arises from the use of the default password xltek for the Microsoft SQL Server service sa account in Natus NeuroWorks and SleepWorks. This allows a threat actor to perform remote code execution, data exfiltration, or other malicious actions such as tampering with data or destroying/disrupting MSSQL services.

Recommendations
For versions prior to 8.4 GMA3, update to version 8.4 GMA3 or later to resolve the issue. As a temporary workaround, consider changing the default password xltek for the Microsoft SQL Server service sa account to a strong, unique password. Restrict access to the Microsoft SQL Server service to minimize the risk of exploitation.

Exploit
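As an added example (not part of the advisory or of the vendor's guidance), the T-SQL below applies the password workaround on the SQL Server instance backing NeuroWorks/SleepWorks and verifies the result. The password value is a placeholder; whether the application itself connects as sa, and therefore needs its stored connection settings updated afterwards, is an assumption that must be checked before applying this on a production system.

```sql
-- Added example, not from the advisory: hardening the sa login on the
-- SQL Server instance used by NeuroWorks/SleepWorks. Run as sysadmin
-- via sqlcmd or SSMS. Replace the placeholder password before use.

-- 1. Replace the default password with a strong, unique one and make the
--    login subject to the host's Windows password policy.
ALTER LOGIN [sa] WITH
    PASSWORD = N'<REPLACE-WITH-STRONG-UNIQUE-PASSWORD>',  -- placeholder value
    CHECK_POLICY = ON;

-- 2. Verify: modify_date should be current and is_policy_checked = 1.
SELECT name, is_disabled, is_policy_checked, modify_date
FROM sys.sql_logins
WHERE name = N'sa';

-- 3. Inventory every login holding sysadmin; any unexpected member has the
--    same reach as sa and needs the same password review.
SELECT sp.name, sp.type_desc, sp.is_disabled
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS sp ON sp.principal_id = rm.member_principal_id
JOIN sys.server_principals AS r  ON r.principal_id  = rm.role_principal_id
WHERE r.name = N'sysadmin';

-- 4. Confirm that OS command execution from within SQL Server is disabled
--    (value_in_use = 0 is the expected, default state).
SELECT name, value_in_use
FROM sys.configurations
WHERE name = N'xp_cmdshell';
```

The advisory's second workaround, restricting access to the SQL Server service, is applied outside T-SQL: limit the instance's TCP/IP listener to the interfaces the application needs (SQL Server Configuration Manager) and allow the SQL Server port only from the NeuroWorks/SleepWorks hosts at the Windows firewall.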
Fix
Weakness Enumeration
Using Hardcoded Credentials

Related Identifiers
Affected Products
Sql Server
Natus Neuroworks
Sleepworks