A vulnerability in GE Healthcare’s proprietary management software used for medical imaging devices could put patients’ health privacy at risk, potentially their lives.
The flaw received the name MDHexRay (CVE-2020-25179) and a severity score of 9.8 out of 10. It affects more than 100 CT, X-Ray, MRI device models in a dozen product lines from the company.
GE’s closed source management software runs on top of the Unix-based operating system installed on medical imaging systems to enable remote maintenance and update procedures.
Source: Bleeping Computer