Researchers have found insecure configurations of the remote access and administration features present in several patient monitoring devices and servers made by GE Healthcare that are used in clinics and hospitals around the world. The identified issues involve the use of shared hard-coded credentials or no credentials at all for remote management features, as well as the use of outdated applications with known vulnerabilities.
