The Recall Desk
HighFDA (Devices)·Z-0068-2026·Announced 2025-10-15

GE Medical Systems AW Server Security Vulnerability Affecting Patient Data

GE Medical Systems has recalled AW Server 2.0, 3.0, 3.1, and 3.2 due to a security vulnerability that could allow malicious actors to compromise patient data confidentiality, integrity, and availability. No patient harm has been reported.

What this means for you

Real risk of harm even if no illness or injury has been reported yet. Stop using the product and follow the agency's guidance.

Our severity reasoning: This FDA Class II recall involves a security vulnerability in medical device software that could compromise patient data confidentiality, integrity, and availability. No illnesses or injuries have been reported and the hazard is theoretical pending exploitation, meeting the criterion for a risk-of-harm product without reported injury.

Plain-English summary

GE Medical Systems, SCS has issued a recall for AW Server versions 2.0, 3.0, 3.1, and 3.2, which are medical imaging software platforms used in healthcare facilities. The manufacturer has identified a security vulnerability in these products that, if exploited by a malicious actor, could compromise the confidentiality, integrity, and availability of patient data.

Approximately 7,302 units are involved in this recall, including 1,381 distributed in the United States and 5,921 distributed internationally. The vulnerability affects both domestically and internationally deployed systems.

No incidents of unauthorized access or patient harm have been reported to date. Healthcare facilities using the affected AW Server versions should be aware of this vulnerability.

The recalled product

Product
AW Server 2.0, AW Server 3.0, AW Server 3.1, AW Server 3.2
Manufacturer
GE Medical Systems, SCS
Category
Medical Device — Medical Imaging Server
Hazard
  • security-vulnerability
  • data-compromise
  • unauthorized-access

Distribution

Distributed nationwide across the United States.

Related recalls

Same category