Cybersecurity vulnerabilities found in GE ultrasound, imaging devices: 4 notes

The Cybersecurity and Infrastructure Security Agency issued an advisory that certain GE Healthcare imaging and ultrasound products have cybersecurity vulnerabilities.

Four details:

1. The advisory notes multiple products, including GE Healthcare's cardiovascular and women's health ultrasounds, X-ray and CT technology, have vulnerabilities that hackers with a low skill level could exploit remotely.

2. Noted vulnerabilities allow for unprotected credentials transportation and exposure of sensitive system information. Hackers who gains access to a healthcare delivery organization's network could exploit these vulnerabilities to gain remote access to the devices with service user privileges.

3. The hackers could breach patient health information or run arbitrary code which could affect the system's availability and allow them to manipulate protected health information.

4. GE said it will take proactive measures to ensure the product firewalls are properly configured and change default passwords on affected devices where possible. The company recommended health systems ensure proper segmentation of the local hospital or clinic network and create explicit access rules to protect devices.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars