Browse all 13 CVE security advisories affecting GE HealthCare. AI-powered Chinese analysis, POCs, and references for each vulnerability.
GE Healthcare develops medical imaging and monitoring systems used in clinical settings worldwide. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from web interfaces and network services. While no major public security incidents have been widely reported, the 13 CVEs on record highlight ongoing security challenges in medical devices. Their systems typically require robust network segmentation and regular patching due to the critical nature of healthcare environments. Security researchers have noted that legacy systems may present higher risks, emphasizing the need for continuous vulnerability management in life-critical infrastructure.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-1630 | Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component — VenueCWE-22 | 7.7 | High | 2024-05-14 |
| CVE-2024-1629 | Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component — VenueCWE-22 | 6.2 | Medium | 2024-05-14 |
| CVE-2024-1628 | OS command injection vulnerabilities in GE HealthCare ultrasound devices — VenueCWE-78 | 8.4 | High | 2024-05-14 |
| CVE-2024-1486 | Elevation of privileges via misconfigured access control list in GE HealthCare ultrasound devices — VenueCWE-732 | 7.4 | High | 2024-05-14 |
This page lists every published CVE security advisory associated with GE HealthCare. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.