CyberMDX researchers found that default passwords with a version of remote service functionality may allow for a malicious party to gain a level of access at least comparable to a GE remote service user. GE Healthcare says it has identified mitigations for specific products and releases and will take proactive measures to ensure proper configuration of the product firewall protection and change default passwords on impacted devices where possible. The potential vulnerability is not directly accessible from outside the customers network, since the protection of this remote service connection runs to within the network boundary”]
Source: https://www.govinfosecurity.com/authentication-flaws-found-again-in-ge-medical-imaging-gear-a-15548