Discover the impact of CVE-2019-13524 on GE PACSystems RX3i CPE100/115, CPE302/305/310/330/400/410, and CRU/320 systems. Learn about the vulnerability, affected versions, and mitigation steps.
GE PACSystems RX3i CPE100/115, CPE302/305/310/330/400/410, and CRU/320 versions prior to specified releases may be vulnerable to a denial-of-service attack due to improper input validation.
Understanding CVE-2019-13524
Versions earlier than R9.85 of GE PACSystems RX3i CPE100/115, versions earlier than R9.90 of CPE302/305/310/330/400/410, and all versions of CRU/320 (which are no longer supported) may be vulnerable to a denial-of-service attack.
What is CVE-2019-13524?
CVE-2019-13524 is a vulnerability in GE PACSystems RX3i CPE100/115, CPE302/305/310/330/400/410, and CRU/320 systems that allows an attacker to send manipulated packets, causing the module state to change to halt-mode, leading to a denial-of-service condition.
The Impact of CVE-2019-13524
Technical Details of CVE-2019-13524
Versions affected, description of the vulnerability, and potential exploitation methods.
Vulnerability Description
The vulnerability arises from improper input validation, enabling attackers to manipulate packets and induce halt-mode, necessitating manual reboot for recovery.
Affected Systems and Versions
Exploitation Mechanism
Mitigation and Prevention
Steps to mitigate the vulnerability and prevent exploitation.
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates