Severe Vulnerabilities in GE Healthcare Devices
Security researchers have discovered six critical vulnerabilities in medical devices from GE Healthcare that lets hackers assume full control or render the devices unusable. Five vulnerabilities received a 10 out of 10 severity rating on the Common Vulnerability Scoring System, while the final one has a rating of 8.5. The affected products – GE CARESCAPE Patient Monitors, ApexPro telemetry (server/tower) systems, and Clinical Information Center (CIC) Pro systems – are used to view real-time physiological data and waveforms collected over the local network from patient monitors. GE is currently working on patches for the vulnerabilities and has recommended applying network segregation measures to restrict access to vulnerable devices.
References:MDhex: The Story Behind the Story
More Weekly Cyber Newsanalysis and insights
Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.
Ensign Systems Integration
Architecting and implementing cybersecurity solutions that bolster defences
Ensign Managed Security Services
Managing your security operations for advanced threat detection, continuous monitoring, and triage services