Content |
2024: GE Healthcare has admitted to the existence of holes in ultrasound scanners. Because of them, devices can fail
In mid-May 2024, GE Healthcare reported vulnerabilities in Vivid T9 ultrasound scanners. Exploitation of holes can lead to a variety of negative consequences - from the introduction of ransomware to the failure of devices. Read more here.
2023
GE HealthCare ventilators cause chemical poisoning
On January 9, 2024, the U.S. Food and Drug Administration (FDA) reported that certain GE HealthCare ventilators (IVLs) equipment during operation could release potentially hazardous chemicals. This creates a risk of breathing problems and poisoning in patients. Read more here.
GE Healthcare is recalling defective sensors to monitor blood oxygen. They block defibrillation of the heart
On July 28, 2023, the U.S. Food and Drug Administration (FDA) announced the recall of defective blood oxygen control sensors manufactured by GE Healthcare. These products can prevent defibrillation of the heart, which poses a serious threat to the health and life of patients. Read more here.
GE HealthCare recalls defective tomographs that crush patients
In mid-February 2023, GE HealthCare recalls defective imaging tomographs after identifying problems with two mechanisms in the devices, which can cause the equipment to crush patients. Read more here.
2022: GE Healthcare recalls defective batteries for ventilators
GE Healthcare recalls defective Carescape R860 ventilators batteries on June 28, 2022. The U.S. Department of Health and Human Services awarded the recall Grade I, the most serious. Read more here.
2020: On dozens of GE Healthcare X-ray devices, it's easy to run arbitrary code
In early December 2020, CyberMDX identified vulnerabilities in GE Healthcare medical equipment. It turned out that on dozens of radiological devices of the American manufacturer, it is easy to run arbitrary code. This will allow an attacker to gain access to confidential data, change doctor's appointments and completely block access to the device.
Experts discovered the vulnerability by examining patterns of unsecured communication between medical devices and provider servers. The study identified several recurring service scenarios automatically initiated by the GE server.
Service protocols rely on the set to activate certain services and/or open ports when using certain credentials. Such a system provides hackers with easy access to important medical devices and allows them to run arbitrary codes.
GE Healthcare confirmed that the vulnerability affects a number of devices, including computed tomographs, PET machines, molecular imaging devices, MRI machines, mammography machines, X-ray machines and ultrasound machines. In addition, the vulnerability concerns certain workstations and image processing devices used in surgery.
The company said the potential vulnerability did not raise concerns about patient safety. Cybersecurity firms check vulnerabilities directly on the device, while a potential hacker will need to go through the security system of the clinical network and firewalls of the medical institution.
 | We are not aware of cases of unauthorized access to data or instances of potential vulnerability being exploited in clinical practice, a GE Healthcare spokesperson said. - We conducted a full risk assessment and concluded that there was no danger to patients.[1] |  |
Notes
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |