A set of six security flaws have been discovered in popular medical devices from GE Healthcare. The vulnerabilities affect GE CARESCAPE Patient Monitors, ApexPro telemetry (server/tower) systems, and Clinical Information Center (CIC) Pro systems. Five of the flaws received the highest severity rating on the Common Vulnerability Scoring System, 10 out of 10.5, as per the National Infrastructure Advisory Council’s (NIAC) scoring scale. Hard-coded credentials in the Windows XP Embedded operating system is another critical vulnerability.
Source: https://www.bleepingcomputer.com/news/security/critical-mdhex-vulnerabilities-shake-the-healthcare-sector/