CyberMDX discovers critical vulnerabilities in GE imaging and ultrasound devices
MDhex-Ray is a vulnerability discovered by CyberMDX, which was published by CISA as ICS Medical Advisory ICSMA-20-343-01 on December 8, 2020. MDhex-Ray affects a long list of CT, X-Ray, and MRI imaging systems manufactured by GE Healthcare.
Successfully exploiting the vulnerability may expose sensitive data - such as PHI - or could allow the attacker to run arbitrary code, which might impact the availability of the system and allow manipulation of PHI.
More than 100 devices are affected by this vulnerability across the following product lines:
CyberMDX can help your organization detect whether you have affected devices in your network and mitigate the issue, including:
Our scalable, easy-to-deploy security solution works to ensure your organization’s operational safety, compliance and continuity through continuous asset discovery, comprehensive risk profiling, and AI-powered containment and response capabilities.
The CyberMDX solution identifies endpoints and assesses vulnerabilities to detect, respond to and prevent cyber incidents.
CyberMDX’s Vulnerability Research and HTM Analysis team regularly works with medical device organizations in the responsible disclosure of security vulnerabilities. The threat intelligence team works tirelessly to help protect hospitals and healthcare organizations from malicious attacks.
The team’s researchers, white hat hackers, and engineers collect information about possible attack paths to understand attacker motives, means, and methods in an effort to deliver the best protection possible.
Forrester recognized CyberMDX as the Medical Device Security Solution Leader in their New Wave™ Connected Medical Device Security, Q2 2020 report, which also evaluated 7 competitors.
"CyberMDX demonstrates thought leadership, technical excellence, and a unique customization ability to strengthen healthcare security through its platform. It also empowers the continuous discovery of medical devices and intelligent micro-segmentation policies and responses during cyberattacks."
CyberMDX was awarded as the 2020 North American Leader in Medical Device Security Solution Leader by Frost & Sullivan.
"We looked for several key attributes in both the solution and the vendor. The CyberMDX team really delivered on them. I was easy easily able to integrate with our proprietary workflow management system. The support -- from sales to pro services to implementation -- is exceptional. And I’d say the defining factor was when we ran a pen test of a wide network cyber-attack, CyberMDX was the only vendor that detected it."
CyberMDX's solution was given 5 stars on Gartner Peer Insights