ICSMA-20-184-01 · Published 2021-06-15 · View on CISA ICS-CERT ↗

OpenClinic GA (Update B)

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication, discover restricted information, view/manipulate restricted database information, and/or execute malicious code.

CVEs (11)

CVE-2020-14485 CVE-2020-14484 CVE-2020-14494 CVE-2020-14491 CVE-2020-14488 CVE-2020-14490 CVE-2020-14486 CVE-2020-14492 CVE-2014-0114 CVE-2016-1181 CVE-2016-1182

Remediations

OpenClinic GA has released an updated version to resolve these vulnerabilities, and recommend users upgrade to Version 5.170.5 or later.

Affected Vendors

OpenClinic GA

Affected Products (2)

OpenClinic GA · OpenClinic GA 5.09.02

OpenClinic GA · OpenClinic GA 5.89.05b

Affected Sectors

Healthcare and Public Health

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more