Medical imaging systems vulnerable to unauthorized access due to software vulnerability
GE Healthcare ViewPoint 6 medical imaging systems contain a software vulnerability (CVE-2023-43208) in Mirth Connect that could allow unauthorized access and patient data manipulation. 574 units are affected and distributed nationwide.
What this means for you
Real risk of harm even if no illness or injury has been reported yet. Stop using the product and follow the agency's guidance.
Our severity reasoning: FDA Class II recall of medical imaging system with a known software vulnerability (CVE-2023-43208) that could allow unauthorized access and patient data manipulation. No illnesses or injuries have been reported, but the potential for serious data compromise in a healthcare setting constitutes a risk-of-harm scenario.
Plain-English summary
GE Healthcare GmbH is recalling ViewPoint 6 radiological imaging systems due to a software vulnerability. The vulnerability exists in NexGen Healthcare Mirth Connect, versions prior to 4.4.1, and has been identified in the National Vulnerability Database as CVE-2023-43208. The vulnerability involves the potential deserialization of untrusted data.
According to the recall notice, this vulnerability could allow a malicious actor to gain unauthorized access to the ViewPoint system and potentially manipulate patient data. The recalled devices are ViewPoint 6 systems with eight model numbers: H47581RJ, H47591MA, H47591MT, H47591PE, H47591PR, H47591RA, H47591SD, and H47591YA, affecting a total of 574 units.
The affected systems were distributed nationwide across all US states and the District of Columbia. Mirth products may have been installed and configured as part of ViewPoint systems by GE HealthCare. Healthcare facilities operating affected ViewPoint 6 systems should contact GE Healthcare GmbH for guidance on addressing this security vulnerability.
The recalled product
- Product
- ViewPoint 6, Model Numbers: a) H47581RJ, b) H47591MA, c) H47591MT, d) H47591PE, e) H47591PR, f) H47591RA, g) H47591SD, h) H47591YA; system, imaging processing, radiological
- Manufacturer
- GE Healthcare GmbH
- Hazard
- deserialization-vulnerability
- unauthorized-access
- patient-data-compromise
Is your product affected?
Check your packaging against the codes below. If any of them match, the product is part of this recall.
Lot numbers (20)
- a) H47581RJ: UDI/DI none
- System ID Numbers: 4AD8 4XH3
- JC82 KQTA
- JZNQ HCW6
- 8X0C HWWG
- NURM T75T
- 7R98 NQWY
- AS41 ZJKE
- ZU21 YYU8
- E09H GGMN
- DZMC NUA6
- CYPQ ARE7
- HJDP BKTB
- TMQA Y5KK
- b) H47591MA: UDI/DI (01)00840682103640(10)SP1
- System ID Numbers: ND1G 9XAQ
- Q6BJ 97G9
- N8XB JU3W
- UD55 W4Y3
- KN5N NE40
Distribution
Distributed nationwide across the United States.
Related recalls
Same category
- HighSwan-Ganz Jr Catheter models recalled due to lumen hub leakage
FDA (Devices) · 2026-05-27
- HighAzurion X-ray System Deaeration Hose May Degrade and Cause Oil Leakage
FDA (Devices) · 2026-05-27
- SevereMedtronic DLP Retrograde Cannula Recalls for Sterile Barrier Breach Risk
FDA (Devices) · 2026-05-27
- SevereMedtronic DLP Retrograde Cannula recalled for sterile barrier breach risk
FDA (Devices) · 2026-05-27
- HighMedtronic DLP Retrograde Cannula Cardiopulmonary Bypass Catheter Recall
FDA (Devices) · 2026-05-27