GE Healthcare Ultrasound Kiosk Mode Vulnerability

Summary

GE Healthcare has released details of a vulnerability affecting a number of their ultrasound imaging systems. They claim a user with physical access could exploit this vulnerability to gain control of an affected system.


Affected platforms

The following platforms are known to be affected:

  • GE Invent ABUS Scan station - All versions
  • GE LOGIQ - All versions excluding LOGIQ 100 Pro
  • GE Venue - All versions excluding Venue 40R1-3 and 50R1-5
  • GE Versana - All versions
  • GE Vivid - All versions
  • GE Voluson - All versions

Threat details

The vulnerability exists in the 'Kiosk Mode' restricted desktop functionality present in the affected systems. By specially crafting inputs, an attacker is able to escape the restricted environment and access the underlying system.

For further information:


Remediation steps

At the time of publication, GE Healthcare has stated that they are not producing updates to address this vulnerability. They instead recommend that affected organisations enable the "system lock" password in the administration settings and restrict physical access to the vulnerable systems.



CVE Vulnerabilities

Last edited: 29 June 2021 12:00 pm