A vulnerability in the firmware of some anesthesia machines could be abused to change functionality up to the point of adjusting the level of inhalational substances. The flaw affects GE Aestiva and GE Aespire anesthesia systems, models 7100 and 7900, from GE Healthcare (part of General Electric Company) The vulnerability is possible with no user interaction and the machine “does not require or use authentication”” CyberMDX calculated a moderate severity score of 5.3 out of a maximum of 10 for this vulnerability.”
Source: https://www.bleepingcomputer.com/news/security/bug-in-anesthesia-machines-allows-changing-gas-mix-levels/