Skip to content
Recall Observatory FDA recall evidence

Device product

Catalys Precision Laser System, Models: Catalys-U (United States), Catalys-I (International), Catalys-C (China); and Catalys Precision Laser System No Bed, Models: 0160-6020 (United States), 0160-6010 (International)

Z-0444-2022

October 21, 2021

Class II

Product summary

Firm
AMO Manufacturing USA, LLC
Event
Event 88986
Status
Ongoing
Classification
Class II
Quantity
546
Official record key
device-enforcement:Z-0444-2022

Official wording

Reason: Aberrometer and precision laser systems are affected by a remote code execution vulnerability existing when the Microsoft Windows Print Spooler service is enabled, and improperly performs privileged file operations. This could be exploited to run arbitrary code with SYSTEM privileges, allowing for program installation; view/change/deleting data; or creation of new accounts with full user rights.

Code information: Catalys-U and Catalys-I with Windows 7 Ultimate/Professional/Embedded Standard. Catalys-C with Windows 7 Embedded Standard. 0160-6020 and 0160-6010 with Windows 7 Professional/Embedded Standard.

Distribution pattern: US: CA, TX, FL, LA, MD, IA, MA, VA, SD, MN, MO, NC, TN, SC, WA, NV, OH, KY, IN, CO, NJ, OK, NH, UT, AR, NY, AK, ND, NE, IL, AL, HI, CT, DE, KS, GA, OR, MS, PA, MT, ME, MI, AZ, ID, WI, VT, NM, CA. OUS: Canada, Mexico, Russian Federation, Turkey, Brazil, Egypt, Iraq, Saudi Arabia, Jordan, Norway, Colombia, Germany, Malaysia, India, Oman, Azerbaijan, Canada, Slovakia, Lebanon, Spain, Ireland, Italy, South Korea, Bangladesh, Chile, Taiwan, Tunisia, Kazakhstan, Libya, Argentina, Singapore, Austria, Australia, Vietnam, Greece, Poland, Indonesia, Yemen, Great Britain, South Africa, Croatia, France, Czech Republic, Algeria, Thailand, Bulgaria, United Arab Emirates, Belgium, Japan, China, Nepal, Israel, Switzerland, Dominican Republic, Hong Kong, Portugal, Ecuador, Kuwait, Netherlands, Slovenia, Philippines

Derived failure modes

  • Unknown

    reason.no_named_rule · v1.0.0

    Aberrometer and precision laser systems are affected by a remote code execution vulnerability existing when the Microsoft Windows Print Spooler service is enabled, and improperly performs privileged file operations. This could be exploited to run arbitrary code with SYSTEM privileges, allowing for program installation; view/change/deleting data; or creation of new accounts with full user rights.