32 matches found
VulnCheck KEV: CVE-2025-0683
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...
EUVD-2024-50712
Malicious code in bioql PyPI...
CVE-2025-0683
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...
Contec Health CMS8000 Patient Monitor 安全漏洞
The Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor that stems from an update binary that attempts to install to a hard-coded routable IP address, thereby bypassing existing devi...
CVE-2025-0626
The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function also enables the network interface of the device if it is disabled. The function is triggered by attempting to...
CVE-2024-12248
Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could result in remote code execution...
CVE-2025-0683 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Contec Health CMS8000 Patient Monitor
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...
CVE-2025-0683 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Contec Health CMS8000 Patient Monitor
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...
CVE-2025-0683
The CVE-2025-0683 entry affects Contec Health CMS8000 Patient Monitor. In its default configuration, it transmits plain-text patient data to a hard-coded public IP address, enabling potential data leakage to any device on that IP and enabling MITM-like interception. Public advisories (CISA ICS wa...
CVE-2025-0626 Hidden Functionality vulnerability in Contec Health CMS8000 Patient Monitor
The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function also enables the network interface of the device if it is disabled. The function is triggered by attempting to...
CVE-2025-0626 Hidden Functionality vulnerability in Contec Health CMS8000 Patient Monitor
The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function also enables the network interface of the device if it is disabled. The function is triggered by attempting to...
CVE-2025-0626
The CVE-2025-0626 issue concerns Contec CMS8000 CMS8000 Patient Monitor firmware where the monitor binary attempts to mount to a hard-coded routable IP, bypassing device network settings, and can enable the network interface if it is disabled. Triggered during a device update from the user menu, ...
CVE-2024-12248 Out-of-bounds Write vulnerability in Contec Health CMS8000 Patient Monitor
Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could result in remote code execution...
CVE-2024-12248 Out-of-bounds Write vulnerability in Contec Health CMS8000 Patient Monitor
Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could result in remote code execution...
CVE-2024-12248
The CVE-2024-12248 issue affects Contec Health CMS8000 Patient Monitor. It is an out-of-bounds write vulnerability allowing an attacker to craft UDP requests to write arbitrary data, potentially enabling remote code execution. Connected documents confirm the affected product family (CMS8000 CMS a...
CISA Releases Eight Industrial Control Systems Advisories
CISA released eight Industrial Control Systems ICS advisories on January 30, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-030-01 Hitachi Energy UNEM ICSA-25-030-02 New Rock Technologies Cloud Connected...
Contec Health CMS8000 Patient Monitor 安全漏洞
Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor. An attacker can exploit the vulnerability to send specially formatted UDP requests to write arbitrary data...
Contec Health CMS8000 Patient Monitor 安全漏洞
Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor. An attacker could exploit the vulnerability to upload and overwrite files on the device...
Contec Health CMS8000 Patient Monitor 安全漏洞
Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor that originates from allowing the transmission of plain text patient data to a hard-coded public IP address...
PT-2025-3988 · Epsimed +1 · Epsimed Mn-120 Patient Monitor +1
Name of the Vulnerable Software and Affected Versions: Contec Health CMS8000 Patient Monitor affected versions not specified Epsimed MN-120 patient monitor affected versions not specified Description: The affected product sends out remote access requests to a hard-coded IP address, bypassing...