Skip to content
Recall Observatory FDA recall evidence

Device product

ViewPoint; system, imaging processing, radiological

Z-3145-2024

August 08, 2024

Class II

Product summary

Firm
GE Healthcare GmbH
Event
Event 95167
Status
Ongoing
Classification
Class II
Quantity
3 units
Official record key
device-enforcement:Z-3145-2024

Official wording

Reason: The National Institute of Standards and Technology (NIST) has identified in the National Vulnerability Database (NVD) that NexGen Healthcare Mirth Connect, prior to version 4.4.1, has a potential vulnerability allowing the deserialization of untrusted data (CVE-2023-43208). Mirth products may have been installed and configured with your ViewPoint / ViewPoint 6 system by GE HealthCare. This vulnerability could allow a malicious actor to access the system and potentially manipulate patient data.

Code information: No UDI/DI, System ID numbers: QB7A TA99, N26D M0B7, Q1K1 FFQW

Distribution pattern: US Nationwide distribution including in the states of Alabama, Alaska, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, District of Columbia, Florida, Georgia, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin.

Derived failure modes

  • Unknown

    reason.no_named_rule · v1.0.0

    The National Institute of Standards and Technology (NIST) has identified in the National Vulnerability Database (NVD) that NexGen Healthcare Mirth Connect, prior to version 4.4.1, has a potential vulnerability allowing the deserialization of untrusted data (CVE-2023-43208). Mirth products may have been installed and configured with your ViewPoint / ViewPoint 6 system by GE HealthCare. This vulnerability could allow a malicious actor to access the system and potentially manipulate patient data.