Security News > 2020 > December > Severe MDHexRay bug affects 100+ GE Healthcare imaging systems
A vulnerability in GE Healthcare's proprietary management software used for medical imaging devices could put patients' health privacy at risk.
GE's closed source management software runs on top of the Unix-based operating system installed on medical imaging systems to enable remote maintenance and update procedures.
BleepingComputer reached out to GE Healthcare for a statement and the company confirmed that it is not aware of any incident that leveraged this vulnerability.
CISA published an advisory today with details on how hospitals and clinics with vulnerable GE Healthcare imaging systems can defend against adversaries that may attempt to exploit the MDHexRay default credentials vulnerability.
The cybersecurity agency says that GE has come up with a solution to MDHexRay and the company " and will take proactive measures to ensure proper configuration of the product firewall protection and change default passwords on impacted devices where possible.