CRITICAL🇵🇱 Wersja polska

CVE-2024-50588

CVSS 9.8v3.1pub. 2024-11-08upd. 2026-04-15

An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the database includes patient data and login credentials among other sensitive data. In addition, this enables an attacker to create and overwrite arbitrary files on the server filesystem with the rights of the Firebird database ("NT AUTHORITY\SYSTEM").

🤖 AI Analysis
How it works

The Elefant system by Hasomed uses a Firebird database configured with default, widely-known login credentials that are not changed during installation. An attacker on the local network can use these credentials to establish a remote connection to the database with full database administrator (DBA) privileges. Having DBA privileges in a Firebird database running in the context of the 'NT AUTHORITY\SYSTEM' account, an attacker can not only read and modify data in the database, but also create and overwrite arbitrary files in the server's file system.

Impact

An attacker can gain unauthorized access to sensitive patient medical data and login credentials stored in the database, as well as create or overwrite arbitrary files on the server with system privileges (NT AUTHORITY\SYSTEM), which in practice means complete takeover of the server.

Mitigation & patch

Patches available from the vendor should be applied according to references. In urgent mode, it is recommended to immediately change the default authentication credentials of the Firebird database, restrict network access to the database port only to trusted hosts (firewall, network segmentation), and monitor unauthorized connections to the database.

Who is affected

Elefant software by Hasomed — versions indicated in vendor references; affects installations with access to the local network of a medical office

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References