A backdoor has been discovered in the Contec CMS8000 patient monitor, a device manufactured by a Chinese company. The backdoor allows remote code execution and data exfiltration, potentially sending patient data to a hardcoded IP address in China. The incident underscores serious concerns about the security of medical devices and the potential for supply chain attacks, particularly when sensitive patient data is involved. The discovery has resulted in warnings from CISA and the FDA.