32 matches found
VulnCheck KEV: CVE-2025-0683
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...
EUVD-2024-50712
Malicious code in bioql PyPI...
CVE-2025-0683
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...
Contec Health CMS8000 Patient Monitor 安全漏洞
The Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor that stems from an update binary that attempts to install to a hard-coded routable IP address, thereby bypassing existing devi...
CVE-2025-0626
The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function also enables the network interface of the device if it is disabled. The function is triggered by attempting to...
CVE-2024-12248
Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could result in remote code execution...
CVE-2025-0683
CVE-2025-0683 affects the Contec Health CMS8000 Patient Monitor. In its default configuration, the device transmits plain‑text patient data to a hard‑coded public IP, enabling potential data leakage to any device on that IP and exposing patients to MITM risks. Connected sources confirm a firmware...
CVE-2025-0683 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Contec Health CMS8000 Patient Monitor
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...
CVE-2025-0683 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Contec Health CMS8000 Patient Monitor
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...
CVE-2025-0626 Hidden Functionality vulnerability in Contec Health CMS8000 Patient Monitor
The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function also enables the network interface of the device if it is disabled. The function is triggered by attempting to...
CVE-2025-0626 Hidden Functionality vulnerability in Contec Health CMS8000 Patient Monitor
The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function also enables the network interface of the device if it is disabled. The function is triggered by attempting to...
CVE-2025-0626
The CVE-2025-0626 entry concerns Contec CMS8000 (patient monitor) firmware. The seeable vulnerability is in the monitor’s embedded backdoor function within the firmware’s monitor binary, which attempts to mount to a hard-coded, routable IP address and can enable the device’s network interface if ...
CVE-2024-12248
CVE-2024-12248 affects the Contec Health CMS8000 Patient Monitor. The issue is an out-of-bounds write that could let an attacker send specially crafted UDP requests to write arbitrary data, enabling remote code execution over the network. Reported details confirm the vulnerability impacts CMS8000...
CVE-2024-12248 Out-of-bounds Write vulnerability in Contec Health CMS8000 Patient Monitor
Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could result in remote code execution...
CVE-2024-12248 Out-of-bounds Write vulnerability in Contec Health CMS8000 Patient Monitor
Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could result in remote code execution...
CISA Releases Eight Industrial Control Systems Advisories
CISA released eight Industrial Control Systems ICS advisories on January 30, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-030-01 Hitachi Energy UNEM ICSA-25-030-02 New Rock Technologies Cloud Connected...
Contec Health CMS8000 Patient Monitor 安全漏洞
Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor. An attacker could exploit the vulnerability to upload and overwrite files on the device...
Contec Health CMS8000 Patient Monitor 安全漏洞
Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor. An attacker can exploit the vulnerability to send specially formatted UDP requests to write arbitrary data...
Contec Health CMS8000 Patient Monitor 安全漏洞
Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor that originates from allowing the transmission of plain text patient data to a hard-coded public IP address...
PT-2025-3988 · Epsimed +1 · Epsimed Mn-120 Patient Monitor +1
Name of the Vulnerable Software and Affected Versions: Contec Health CMS8000 Patient Monitor affected versions not specified Epsimed MN-120 patient monitor affected versions not specified Description: The affected product sends out remote access requests to a hard-coded IP address, bypassing...