Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines

neub9
By neub9
2 Min Read

Security researchers have identified nearly a dozen security vulnerabilities affecting the GE HealthCare Vivid Ultrasound product line that could allow malicious actors to manipulate patient data and deploy ransomware in certain scenarios.

An operational technology (OT) security vendor, Nozomi Networks, mentioned in a technical report that these flaws could lead to ransomware installation and unauthorized access to patient data stored on the compromised devices.

The vulnerabilities impact the Vivid T9 ultrasound system and the Common Service Desktop web application, as well as the EchoPAC software used on doctors’ workstations to access ultrasound images.

Exploiting these vulnerabilities requires physical access to the device within a hospital environment, enabling threat actors to execute arbitrary code with administrative privileges.

In a hypothetical attack scenario, threat actors could encrypt the Vivid T9 systems with ransomware and compromise patient data.

The most critical vulnerability, CVE-2024-27107, involves hard-coded credentials. Other vulnerabilities include command injection, execution with unnecessary privileges, path traversal, and protection mechanism failure.

Nozomi Networks has outlined an exploit chain that combines multiple vulnerabilities to achieve code execution on the device.

GE HealthCare stated that existing mitigations and controls mitigate the risks posed by these vulnerabilities to acceptable levels, emphasizing that physical access is required to exploit them.

Similar security flaws have been discovered in the Merge DICOM Toolkit and the Siemens SIMATIC Energy Manager, emphasizing the importance of timely software updates to address such vulnerabilities.

Following responsible disclosure and patching, security vulnerabilities in products like the ThroughTek Kalay Platform have been addressed to prevent unauthorized access and code execution on IoT devices.

It is essential for users to stay updated with the latest software versions to protect against potential security threats and vulnerabilities in various healthcare and IoT devices.

It’s crucial to address security vulnerabilities promptly to safeguard patient data and prevent potential attacks on critical healthcare equipment. Stay informed and follow us on Twitter and LinkedIn for more exclusive content.

Share This Article
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *