A vulnerability in GE Healthcare’s proprietary management software used for medical imaging devices could put patients’ health privacy at risk. The flaw received the name MDHexRay (CVE-2020-25179) and a severity score of 9.8 out of 10. It affects more than 100 CT, X-Ray, MRI device models in a dozen product lines from the company. GE Healthcare is not aware of any incident where this potential vulnerability has been exploited in a clinical situation. The vulnerability consists in using default credentials on every installation of the this software to authenticate to GE’s servers.
Source: https://www.bleepingcomputer.com/news/security/severe-mdhexray-bug-affects-100-plus-ge-healthcare-imaging-systems/