Recall – Anesthesia delivery system cyber-security vulnerability

Company: GE Healthcare, LLC
Date of Enforcement Report: 12/25/2019
Class II

PRODUCT

Aestiva MRI, Model Numbers: a) 1006-9310-000 b) 1006-9110-000 c) 1006-9023-000 d) 1006-9028-000 e) 1006-9310-000-305077 f) 1006-9310-000-015243 g) 1006-9310-000-017602 h) 1006-9310-000-103785 I) 1006-9310-000-025109 j) 1006-9310-000-009650 k) 1006-9310-000-015224 l) 1006-9310-000-031881 m) 1006-9310-000-031854 n) 1006-9310-000-026571

  • Recall Number: Z-0114-2020

REASON

Certain Aespire and Aestiva Anesthesia Systems were noted to have a vulnerability to a cyber-attack when connected to the hospital network. An insufficiently secured terminal server may provide an opportunity for a malicious actor that has already penetrated the hospital network to send fraudulent flow sensor correction parameters.

RECALLING FIRM/MANUFACTURER

GE Healthcare, LLC on 7/19/2019. Voluntary:  Firm Initiated recall is ongoing.

VOLUME OF PRODUCT IN COMMERCE

502 devices

DISTRIBUTION

U.S. Nationwide and International

Remote Webmeeting Assessments

SoftwareCPR can provide remote offsite assessments to support virtual offices.  Our consultants can utilize webmeeting tools to walk your teams through assessments such as:

  • 62304 compliance
  • Regulatory submission pre-review
  • Software risk analysis
  • Cybersecurity process and validation
  • Overall ISO 14971 risk management
  • Overview of software regulation with John Murray

Email office@softwarecpr.com
for more info!

Corporate Office

15148 Springview St
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN) and Italy.