AW Server 2.0, AW Server 3.0, AW Server 3.1, AW Server 3.2
Recall
- Recall Number
- Z-0068-2026
- Event Number
- 97657
- Firm
- GE Medical Systems, SCS
- FEI Number
- 1000284313
- Product Code
- LLZ
- Status
- Open, Classified
- Root Cause
- Software in the Use Environment
- Initiated
- September 5, 2025
- Posted
- October 8, 2025
- Address
- 283 rue de la Miniere Buc France
Description
AW Server 2.0, AW Server 3.0, AW Server 3.1, AW Server 3.2
Firm has identified a security vulnerability in AW Server products. If exploited, a malicious actor could compromise the confidentiality, integrity, and availability of patient data.
On September 5, 2025, firm began deployment of customer letter. Customers were informed they could continue use of their device by following the instructions provided: 1. Ensure the AW Server is installed on a facility internal network, that is not accessible from any public network. If access to AW Server from outside the facility network is desired, this connectivity must be configured to be usable exclusively through the facility s Virtual Private Network (VPN) or equivalent network security solution as described in your AW Server s Pre-Installation Manual that is available in the Customer documentation portal. NOTE: Access management to the facility s internal network on which the AW Server is installed on, and management of the network security solution is under the strict responsibility of the facility. 2. Ensure strong, secure passwords are configured for the AW Server. 3. GE HealthCare recommends that organizations follow security and cybersecurity best practices, including securing the network where AW Server is connected.
Domestic US distribution nationwide. International distribution worldwide.
7,302 (1,381 US; 5,921 OUS)