FlagThis

The FDA and CISA have issued warnings regarding cybersecurity vulnerabilities found in Contec CMS8000 and Epsimed MN-120 patient monitors. These monitors, often used for remote patient care in homes and hospice settings, present potential risks when connected to the internet. The agencies advise users to disconnect these devices from the network where possible.

These vulnerabilities could allow unauthorized access and manipulation of the devices. CISA discovered a backdoor function with a hard-coded IP address in all analyzed firmware versions of the Contec CMS8000. The identified risks include the potential for unauthorized transmission of patient data and remote code execution, with one vulnerability scoring a critical 9.8 CVSS. These patient monitors display vital patient information including temperature, heartbeat and blood pressure.

ImgSrc: www.fda.gov

References:

• @BleepingComputer - The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patien - 5d
• @screaminggoat - CISA : CISA has an 11 page warning that a patient monitor known as Contec CMS8000 has an embedded backdoor with a hardcoded IP address which enables patient data spillage, or remote code execution (CI - 5d
• BleepingComputer - Backdoor found in two healthcare patient monitors, linked to IP in China - 5d
• www.bleepingcomputer.com - The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patien - 5d
• www.helpnetsecurity.com - Patient monitors with backdoor are sending info to China, CISA warns - 4d
• SOCRadar? Cyber Intelligence Inc. - CISA Warns of Backdoor in Contec CMS8000 Patient Monitors - 4d
• The Hacker News - CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors - 4d
• cyberinsider.com - CISA issues a warning about a backdoor in Contec CMS8000 patient monitors, highlighting the risk of remote code execution and patient data exfiltration. - 4d
• Help Net Security - Patient monitors with backdoor are sending info to China, CISA warns. - 4d
• Vulnerabilities ? The Cyber Express - Critical Flaws in Contec CMS8000 Allow Remote Code Execution and Patient Data Theft - 4d
• CyberInsider - Contec Monitors Used in U.S. Hospitals Carry Chinese Backdoor - 4d
• Security Archives - Security Affairs - The U.S. CISA and the FDA warned of a hidden backdoor in Contec CMS8000 and Epsimed MN-120 patient monitors. - 4d
• @screaminggoat - Information about the backdoor found in Contec patient monitors. - 4d
• Vulnerability Archives ? Cybersecurity News - The Contec CMS8000 patient monitors are vulnerable to remote attacks. - 3d
• ciso2ciso.com - Backdoor in Chinese-made healthcare monitoring device leaks patient data – Source: www.csoonline.com - 3d
• securityboulevard.com - Critical ‘Backdoor’ Discovered in Widely Used Healthcare Patient Monitors - 3d
• News | CSO Online - Contec CMS8000 patient monitors are found to have a hidden backdoor that transmits patient data to a hardcoded IP address and executes files remotely. - 3d
• Security Boulevard - Critical ‘Backdoor’ Discovered in Widely Used Healthcare Patient Monitors - 3d
• therecord.media - CyberScoop article about the vulnerabilities in the monitors. - 3d
• @jos1264 - Contec CMS8000 patient monitors contain a hidden backdoor – Source: securityaffairs.com - 2d
• ciso2ciso.com - Contec CMS8000 patient monitors contain a hidden backdoor – Source: securityaffairs.com - 2d
• securityboulevard.com - Healthcare Crisis Emerges: Cybersecurity Vulnerabilities in Patient Monitors Confirmed by FDA - 2d
• @vulnerability_lookup - A new bundle, CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware, has been published on Vulnerability-Lookup: - 2d
• securityonline.info - The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding the Contec CMS8000 patient monitors. - 2d
• Vulnerability Archives ? Cybersecurity News - CISA Warns of Hidden Backdoor in Contec CMS8000 Patient Monitors - 2d
• CySecurity News - Latest Information Security and Hacking Incidents - The U.S. Food and Drug Administration (FDA) has issued a safety communication highlighting cybersecurity vulnerabilities in certain patient monitors manufactured by Contec and relabeled by Epsimed. - 1d
• CISO2CISO.COM & CYBER SECURITY GROUP - This news alert brings light to a critical backdoor discovered in widely used healthcare patient monitors. - 1d
• ciso2ciso.com - Critical ‘Backdoor’ Discovered in Widely Used Healthcare Patient Monitors - 1d
• Security Boulevard - CISA/FDA Warn: Chinese Patient Monitors Have BAD Bugs - 1d
• securityboulevard.com - Security Boulevard article on the vulnerabilities in Contec and Epsimed patient monitors. - 1d
• claroty.com - Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated… - 22h
• @AAKL - Claroty, from yesterday: Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? The Reality is More Complicated… - 15h
• www.heise.de - Medical surveillance monitor: Backdoor discovered in Contec CMS8000 Attackers can attack medical hardware from Contec. This can result in malicious code getting onto devices. There has been no securit - 3h

Classification:

• HashTags: MedicalDeviceSecurity Contec Epsimed
• Company: Contec, Epsimed
• Target: Patients using Contec and Epsimed monitors
• Product: Patient monitors
• Feature: Medical device security
• Type: Vulnerability
• Severity: Major