Insecure configurations expose GE Healthcare devices to attacks

Insecure configurations expose GE Healthcare devices to attacks

Researchers have found insecure configurations of the remote access and administration features present in several patient monitoring devices and servers made by GE Healthcare that are used in clinics and hospitals around the world. The identified issues involve the use of shared hard-coded credentials or no credentials at all for remote management features, as well as the use of outdated applications with known vulnerabilities.

[ Learn what you need to know about defending critical infrastructure . | Get the latest from CSO by signing up for our newsletters. ]

These types of issues have plagued embedded devices for many years and are the result of old product design practices that focused more on usability and ease of remote support than security.

To read this article in full, please click here



Support the originator by clicking the read the rest link below.