cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor III

Vulnerabilities in GE HealthCare Anesthesia Machines

A research team discovered a vulnerability (pertains to CWE-287) related to the GE Healthcare Aestiva and Aespire devices (models 7100 and 7900). If an attacker gains access to a hospital’s network and if the devices are connected via terminal servers, the attacker can force the device to revert to an earlier, less secure version of the communication protocol and remotely modify parameters without authorization. 

 

When deployed using terminal servers, these manipulations can also be performed without any prior knowledge of IP addresses or location of the anesthesia machine. The attack could lead to:

 

  • Unauthorized gas composition input - altering the concentration of inspired/expired oxygen, CO2, N2O, and anesthetic agents.
  • Manipulation of barometric pressure settings and anesthetic agent type selection.
  • Remote silencing of alarms.
  • Alteration of date and time settings.

Here is a link to the US-CERT advisory.