GE Healthcare MDHexRay Vulnerabilities

Summary

Two credential reuse vulnerabilities, collectively called MDHexRay, have been detected in twenty-four separate product families in GE Healthcare's imaging business. These could be exploited to obtain patient identifiable information.


Affected platforms

The following platforms are known to be affected:

MDHexRay affects more than 20 product families across GE Healthcare's advanced visualisation, CT, interventional, mammography, MRI, PET, ultrasound, and x-ray modalities.


Threat details

Introduction

GE Healthcare has released details of two vulnerabilities, collectively named MDHexRay, affecting a wide range of their imaging and ultrasound products. They claim that an attacker on the same local network could exploit these vulnerabilities to obtain sensitive information, including patient data, or execute commands on affected systems.


Vulnerability details

Both vulnerabilities are the result of default credential reuse in GE Healthcare's proprietary Unix-based operating system installed on the affected products.

The default credentials are used to remotely administer and maintain GE Healthcare products, and were freely available through GE Healthcare's customer portal. Any user with prior access to these would be able to log in to an affected product and alter system settings or expose data in transit.


Remediation advice

GE Healthcare have confirmed they are contacting customers to change the default credentials used on their estates. Affected organisations are encouraged to log in to their GE Healthcare Product Security Portal accounts to ensure these are changed immediately.

Affected organisations are also encouraged to restrict and monitor the following ports:

  • FTP (port 21)
  • SSH (port 22)
  • Telnet (port 23)
  • REXEC (port 512)
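
One way to monitor these ports, as an added example (not code from this alert or from GE Healthcare): a Python check that scans flow records for connections to the four management ports on imaging devices from sources that are not approved administration hosts. The record format, the imaging subnet and the allowlist are assumptions, and the sample records are constructed.

```python
import ipaddress

# Management ports named in the remediation advice.
MONITORED_PORTS = {21: "FTP", 22: "SSH", 23: "Telnet", 512: "REXEC"}

# Assumptions for this example: the imaging-device network and the hosts
# permitted to administer it (documentation address ranges, constructed).
IMAGING_NET = ipaddress.ip_network("192.0.2.0/24")
ALLOWED_ADMIN_SOURCES = {ipaddress.ip_address("198.51.100.10")}

# Constructed flow records: "timestamp src_ip dst_ip dst_port action"
SAMPLE_FLOWS = """\
2020-12-09T10:01:02Z 198.51.100.10 192.0.2.15 22 ALLOW
2020-12-09T10:03:40Z 198.51.100.77 192.0.2.15 23 ALLOW
2020-12-09T10:04:11Z 198.51.100.77 192.0.2.20 512 DENY
2020-12-09T10:05:00Z 198.51.100.77 192.0.2.20 104 ALLOW
2020-12-09T10:06:30Z 198.51.100.77 203.0.113.5 21 ALLOW
malformed line
"""

def find_alerts(flow_text):
    """Return (timestamp, src, dst, service, severity) for unapproved access."""
    alerts = []
    for line in flow_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip records that do not match the assumed format
        ts, src, dst, port, action = fields
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port_no = int(port)
        except ValueError:
            continue
        # Only management ports on imaging devices are of interest here.
        if dst_ip not in IMAGING_NET or port_no not in MONITORED_PORTS:
            continue
        if src_ip in ALLOWED_ADMIN_SOURCES:
            continue
        # An allowed flow means the port restriction is not in place;
        # a denied flow shows the restriction held but is still recorded.
        severity = "high" if action == "ALLOW" else "info"
        alerts.append((ts, src, dst, MONITORED_PORTS[port_no], severity))
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_FLOWS):
        print(*alert)
```
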

Indicators of compromise

Affected products list
| Modality | Product |
| --- | --- |
| Advanced Visualization | AW 4.0 to AW 4.6 |
| Advanced Visualization | AWS 2.0 to AW 3.0 |
| Computed Tomography | BrightSpeed Edge |
| Computed Tomography | BrightSpeed Edge Select |
| Computed Tomography | BrightSpeed Elite |
| Computed Tomography | BrightSpeed Elite Select |
| Computed Tomography | Brivo CT385 |
| Computed Tomography | Discovery CT590RT |
| Computed Tomography | Discovery CT750HD |
| Computed Tomography | Frontier |
| Computed Tomography | Frontier ES |
| Computed Tomography | LightSpeed Pro16 |
| Computed Tomography | LightSpeed RT16 |
| Computed Tomography | LightSpeed VCT |
| Computed Tomography | Optima Advance |
| Computed Tomography | Optima CT520 |
| Computed Tomography | Optima CT540 |
| Computed Tomography | Optima CT580 |
| Computed Tomography | Optima CT580RT |
| Computed Tomography | Optima CT580W |
| Computed Tomography | Optima CT660 |
| Computed Tomography | Optima CT670 |
| Computed Tomography | Optima CT680 Quantum |
| Computed Tomography | Optima Expert & Professional |
| Computed Tomography | Revolution ACT |
| Computed Tomography | Revolution ACTs |
| Computed Tomography | Revolution CT |
| Computed Tomography | Revolution EVO |
| Computed Tomography | Revolution HD |
| Interventional | Innova 2000 |
| Interventional | Innova 2100-IQ |
| Interventional | Innova 212-IQ |
| Interventional | Innova 3100 |
| Interventional | Innova 3100-IQ |
| Interventional | Innova 313-IQ |
| Interventional | Innova 4100 |
| Interventional | Innova 4100-IQ |
| Interventional | Innova IGS 5x0 |
| Interventional | Innova IGS 6x0 |
| Interventional | Innova IGS 7x0 |
| Interventional | Optima 3100 |
| Interventional | Optima 320 |
| Interventional | Optima CL320 |
| Interventional | Optima CL320i |
| Interventional | Optima CL323i |
| Interventional | Optima IGS 320 |
| Interventional | Optima IGS 330 |
| Magnetic Resonance | Brivo MR355 SV20.1 (1.5T) |
| Magnetic Resonance | Brivo MR355 SV23.0 (1.5T) |
| Magnetic Resonance | Optima MR360 SV20.1 (1.5T) |
| Magnetic Resonance | Optima MR360 SV23 (1.5T) |
| Magnetic Resonance | Signa Hdi HD16 (1.5T) |
| Magnetic Resonance | Signa Hdi HD23 (1.5T) |
| Magnetic Resonance | Signa HDx HD16 (1.5T & 3.0T) |
| Magnetic Resonance | Signa HDx HD23 (1.5T & 3.0T) |
| Magnetic Resonance | Signa HDxt HD16 (3.0T) |
| Magnetic Resonance | Signa HDxt HD23 (3.0T) |
| Magnetic Resonance | Signa VIBRANT HD16 (1.5T) |
| Magnetic Resonance | Signa VIBRANT HD23 (1.5T) |
| Mammography | Seno 200D |
| Mammography | Seno DS |
| Mammography | Seno Essential |
| Mammography | Senographe Pristina |
| Nuclear Medicine, PET/CT | Brivo NM 615 |
| Nuclear Medicine, PET/CT | Discovery IQ |
| Nuclear Medicine, PET/CT | Discovery MI MI DR |
| Nuclear Medicine, PET/CT | Discovery NM 630 |
| Nuclear Medicine, PET/CT | Discovery NM 750b |
| Nuclear Medicine, PET/CT | Discovery NM D530c |
| Nuclear Medicine, PET/CT | Discovery NM/CT 670 |
| Nuclear Medicine, PET/CT | Discovery NM/CT 860 |
| Nuclear Medicine, PET/CT | Discovery NM/CT 870 |
| Nuclear Medicine, PET/CT | Discovery NM/CT D570c |
| Nuclear Medicine, PET/CT | Discovery NM/CT850 |
| Nuclear Medicine, PET/CT | Discovery NM830 |
| Nuclear Medicine, PET/CT | Infinia |
| Nuclear Medicine, PET/CT | Optima NM/CT 640 |
| Nuclear Medicine, PET/CT | PET Discovery IQ |
| Nuclear Medicine, PET/CT | PET Discovery IQ upgrade |
| Nuclear Medicine, PET/CT | PETrace 800 |
| Nuclear Medicine, PET/CT | Ventri |
| Nuclear Medicine, PET/CT | Xeleris |
| Ultrasound, Cardiovascular | EchoPAC (Turnkey) BT06 |
| Ultrasound, Cardiovascular | Image Vault (Turnkey) 4.3 |
| Ultrasound, Cardiovascular | Vivid 7 BT02 to BT06 |
| Ultrasound, Cardiovascular | Vivid I BT06 |
| Ultrasound, General Imaging | LOGIQ 5 BT03 |
| Ultrasound, General Imaging | LOGIQ 7 BT03 |
| Ultrasound, General Imaging | LOGIQ 7 BT04 |
| Ultrasound, General Imaging | LOGIQ 7 BT06 |
| Ultrasound, General Imaging | LOGIQ 9 BT02 to BT04 |
| Ultrasound, General Imaging | LOGIQ 9 BT06 |
| Ultrasound, Women’s Health | Voluson 730 BT05 |
| Ultrasound, Women’s Health | Voluson 730 BT08 |
| X-Ray | Brivo XR118 |
| X-Ray | Brivo XR383 |
| X-Ray | Brivo XR515 |
| X-Ray | Brivo XR575 |
| X-Ray | Definium 5000 |
| X-Ray | Definium 6000 |
| X-Ray | Definium 8000 |
| X-Ray | Definium AMX 700 |
| X-Ray | Discovery XR650 |
| X-Ray | Discovery XR656 |
| X-Ray | Discovery XR656+ |
| X-Ray | Optima XR200amx |
| X-Ray | Optima XR220amx |
| X-Ray | Optima XR640 |
| X-Ray | Optima XR646 |
| X-Ray | Precision 500D |
| X-Ray | Precision WDR1 |

Last edited: 9 December 2020 2:57 pm