FDA Recall Open, Classified

AW Server 2.0, AW Server 3.0, AW Server 3.1, AW Server 3.2

Recall: Z-0068-2026 · Initiated September 5, 2025

Recall

Recall Number
Z-0068-2026
Event Number
97657
Firm
GE Medical Systems, SCS
FEI Number
1000284313
Product Code
LLZ
Status
Open, Classified
Root Cause
Software in the Use Environment
Initiated
September 5, 2025
Posted
October 8, 2025
Address
283 rue de la Miniere Buc France

Description

AW Server 2.0, AW Server 3.0, AW Server 3.1, AW Server 3.2

Reason

Firm has identified a security vulnerability in AW Server products. If exploited, a malicious actor could compromise the confidentiality, integrity, and availability of patient data.

Action

On September 5, 2025, firm began deployment of customer letter. Customers were informed they could continue use of their device by following the instructions provided: 1. Ensure the AW Server is installed on a facility internal network, that is not accessible from any public network. If access to AW Server from outside the facility network is desired, this connectivity must be configured to be usable exclusively through the facility s Virtual Private Network (VPN) or equivalent network security solution as described in your AW Server s Pre-Installation Manual that is available in the Customer documentation portal. NOTE: Access management to the facility s internal network on which the AW Server is installed on, and management of the network security solution is under the strict responsibility of the facility. 2. Ensure strong, secure passwords are configured for the AW Server. 3. GE HealthCare recommends that organizations follow security and cybersecurity best practices, including securing the network where AW Server is connected.

Distribution

Domestic US distribution nationwide. International distribution worldwide.

Quantity

7,302 (1,381 US; 5,921 OUS)