CVE-2024-2711014.05.2024, 18:15Elevation of privilege vulnerability in GE HealthCare EchoPAC productsEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST8.4 HIGHADJACENT_NETWORKLOWHIGHCVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HGEHCCNA8.4 HIGHADJACENT_NETWORKLOWHIGHCVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HCISA-ADPADP------CVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 30%Common Weakness EnumerationCWE-250 - Execution with Unnecessary PrivilegesThe software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.Referenceshttps://securityupdate.gehealthcare.com/https://securityupdate.gehealthcare.com/