Device product
ViewPoint; system, imaging processing, radiological
Z-3145-2024
Product summary
- Event
- Event 95167
- Status
- Ongoing
- Classification
- Class II
- Quantity
- 3 units
- Official record key
device-enforcement:Z-3145-2024
Official wording
Reason: The National Institute of Standards and Technology (NIST) has identified in the National Vulnerability Database (NVD) that NexGen Healthcare Mirth Connect, prior to version 4.4.1, has a potential vulnerability allowing the deserialization of untrusted data (CVE-2023-43208). Mirth products may have been installed and configured with your ViewPoint / ViewPoint 6 system by GE HealthCare. This vulnerability could allow a malicious actor to access the system and potentially manipulate patient data.
Code information: No UDI/DI, System ID numbers: QB7A TA99, N26D M0B7, Q1K1 FFQW
Distribution pattern: US Nationwide distribution including in the states of Alabama, Alaska, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, District of Columbia, Florida, Georgia, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin.
Derived failure modes
-
Unknown
The National Institute of Standards and Technology (NIST) has identified in the National Vulnerability Database (NVD) that NexGen Healthcare Mirth Connect, prior to version 4.4.1, has a potential vulnerability allowing the deserialization of untrusted data (CVE-2023-43208). Mirth products may have been installed and configured with your ViewPoint / ViewPoint 6 system by GE HealthCare. This vulnerability could allow a malicious actor to access the system and potentially manipulate patient data.