A CISA alert is flagging a critical default credentials issue that affects 100+ types of devices found in hospitals, from MRI machines to surgical imaging. The bugs arise because of default credentials used with GE s proprietary management software, which controls the devices integrated PC that runs a Unix-based operating system. The flaws affect 100 different kinds of CT scanners, PET machines, MRI machines, mammography devices, X-Ray machines and ultrasound devices. GE Healthcare plans to provide patches, but no timeline has been mapped out.
Source: https://threatpost.com/critical-unpatched-bug-ge-radiological-devices/162012/