CVE-2024-3699

9.8 CRITICAL

📋 TL;DR

CVE-2024-3699 is a critical vulnerability in drEryk Gabinet medical software where a hard-coded database password allows attackers to access sensitive patient data. This affects all installations of drEryk Gabinet versions 7.0.0.0 through 9.17.0.0, potentially exposing medical records and personal information.

💻 Affected Systems

Products:
  • drEryk Gabinet
Versions: 7.0.0.0 through 9.17.0.0
Operating Systems: Windows (based on typical medical software deployment)
Default Config Vulnerable: ⚠️ Yes
Notes: All installations within the affected version range are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of patient database leading to mass medical data theft, identity theft, blackmail, and regulatory violations.

🟠

Likely Case

Unauthorized access to patient medical records, personal information, and sensitive healthcare data.

🟢

If Mitigated

Limited or no data exposure if proper network segmentation and access controls are implemented.

🌐 Internet-Facing: HIGH - If the database is exposed to the internet, attackers can directly access sensitive data.
🏢 Internal Only: HIGH - Even internally, any compromised system or malicious insider can access the database with the hard-coded password.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only knowledge of the hard-coded password and database connection details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 9.18.0.0 or later

Vendor Advisory: https://dreryk.pl/produkty/gabinet/

Restart Required: Yes

Instructions:

1. Back up the database and configuration.
2. Download and install drEryk Gabinet version 9.18.0.0 or later from the official vendor site.
3. Restart the application and verify functionality.

🔧 Temporary Workarounds

Network Segmentation

Isolate the drEryk Gabinet database server from untrusted networks and limit access to authorized systems only.

Database Password Change

Manually change the database password in the application configuration and database authentication settings.

🧯 If You Can't Patch

  • Implement strict network access controls to limit database connections to authorized application servers only.
  • Deploy database activity monitoring to detect unauthorized access attempts and alert on suspicious queries.

🔍 How to Verify

Check if Vulnerable:

Check drEryk Gabinet version in application settings or About dialog. Versions 7.0.0.0 through 9.17.0.0 are vulnerable.

Check Version:

Check application interface or installation directory for version information.

Verify Fix Applied:

Verify installation of version 9.18.0.0 or later and confirm database connection uses unique credentials.

📡 Detection & Monitoring

Log Indicators:

  • Unusual database connection attempts from unauthorized IPs
  • Multiple failed login attempts followed by successful access
  • Database queries from unexpected user accounts

Network Indicators:

  • Database port (typically 1433 for SQL Server) connections from unexpected sources
  • Unencrypted database traffic containing sensitive medical data

SIEM Query:

source="database_logs" AND ((event_type="authentication" AND result="success" AND user="hardcoded_user") OR (source_ip NOT IN allowed_ips AND destination_port=1433))

The inner parentheses are required: without them `AND` binds tighter than `OR`, so the second clause would match any connection to port 1433 from outside the allow-list regardless of source. `hardcoded_user` and `allowed_ips` are placeholders for the application's database account and your own allow-list.
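An added example (not part of the original advisory) of the two log indicators the query above encodes, run over constructed SQL Server-style login audit lines: a successful login by the shared application account from a source outside the allow-list, and a burst of failures followed by a success from the same source. The log format, the account name `gabinet_app` and the IP addresses are assumptions for illustration.

```python
"""Detection sketch for the log indicators above. The log format, account
name and IP addresses below are constructed for this example, not taken
from drEryk Gabinet."""
from collections import defaultdict

# Constructed sample of SQL Server-style login audit lines (not real logs).
SAMPLE_LOGS = """\
2024-05-01T08:00:01 LOGIN_SUCCESS user=gabinet_app src=10.10.5.20 port=1433
2024-05-01T08:00:05 LOGIN_FAILED user=gabinet_app src=10.10.9.77 port=1433
2024-05-01T08:00:06 LOGIN_FAILED user=gabinet_app src=10.10.9.77 port=1433
2024-05-01T08:00:07 LOGIN_FAILED user=gabinet_app src=10.10.9.77 port=1433
2024-05-01T08:00:09 LOGIN_SUCCESS user=gabinet_app src=10.10.9.77 port=1433
2024-05-01T08:01:00 LOGIN_SUCCESS user=reporting_svc src=10.10.5.21 port=1433
"""

ALLOWED_IPS = {"10.10.5.20"}    # hypothetical: the sanctioned application server
SHARED_ACCOUNT = "gabinet_app"  # hypothetical name for the application's DB account
FAILURE_THRESHOLD = 3           # consecutive failures that make a later success suspicious


def parse(line):
    """Split 'ts EVENT k=v k=v ...' into a dict."""
    ts, event, *kv = line.split()
    fields = dict(p.split("=", 1) for p in kv)
    return {"ts": ts, "event": event, **fields}


def detect(log_text, allowed_ips=ALLOWED_IPS, shared=SHARED_ACCOUNT,
           threshold=FAILURE_THRESHOLD):
    """Return (indicator, source_ip, timestamp) tuples for suspicious successes."""
    alerts = []
    failures = defaultdict(int)  # consecutive failures per (src, user)
    for line in log_text.splitlines():
        ev = parse(line)
        key = (ev["src"], ev["user"])
        if ev["event"] == "LOGIN_FAILED":
            failures[key] += 1
            continue
        if ev["event"] != "LOGIN_SUCCESS":
            continue
        # Indicator 1: the shared account authenticating from an unexpected source.
        if ev["user"] == shared and ev["src"] not in allowed_ips:
            alerts.append(("shared_account_unexpected_source", ev["src"], ev["ts"]))
        # Indicator 2: a run of failures immediately followed by a success.
        if failures[key] >= threshold:
            alerts.append(("failures_then_success", ev["src"], ev["ts"]))
        failures[key] = 0  # a success resets the streak for that source/user
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOGS):
        print(*alert)
```

Feed the function your own exported authentication log in the same shape, or adapt `parse` to the audit format your database emits.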
