Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-50712

Malicious code in bioql PyPI...

9.8CVSS9.5AI score0.01276EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/02/25 12:0 a.m.3 views

Contec Health CMS8000 Patient Monitor 安全漏洞

The Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor that stems from an update binary that attempts to install to a hard-coded routable IP address, thereby bypassing existing devi...

7.7CVSS6.7AI score0.00446EPSS
Exploits0References3
CVE
CVE
added 2025/01/30 6:17 p.m.72 views

CVE-2024-12248

The CVE-2024-12248 issue affects Contec Health CMS8000 Patient Monitor. It is an out-of-bounds write vulnerability allowing an attacker to craft UDP requests to write arbitrary data, potentially enabling remote code execution. Connected documents confirm the affected product family (CMS8000 CMS a...

9.8CVSS9.8AI score0.01276EPSS
In wildExploits0References2
CNNVD
CNNVD
added 2025/01/30 12:0 a.m.5 views

Contec Health CMS8000 Patient Monitor 安全漏洞

Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor. An attacker could exploit the vulnerability to upload and overwrite files on the device...

7.7CVSS9.4AI score0.01116EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/01/30 12:0 a.m.3 views

Contec Health CMS8000 Patient Monitor 安全漏洞

Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor. An attacker can exploit the vulnerability to send specially formatted UDP requests to write arbitrary data...

9.8CVSS9.5AI score0.01276EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.5 views

PT-2025-3988 · Epsimed +1 · Epsimed Mn-120 Patient Monitor +1

Name of the Vulnerable Software and Affected Versions: Contec Health CMS8000 Patient Monitor affected versions not specified Epsimed MN-120 patient monitor affected versions not specified Description: The affected product sends out remote access requests to a hard-coded IP address, bypassing...

7.7CVSS9.5AI score0.01116EPSS
Exploits0References32
Cvelist
Cvelist
added 2022/09/13 2:55 p.m.28 views

CVE-2022-38453 Contec Health CMS8000

Multiple binary application files on the CMS8000 device are compiled with 'not stripped' and 'debuginfo' compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional vulnerabilities...

3CVSS5.2AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/13 2:54 p.m.17 views

CVE-2022-3027 Contec Health CMS8000

The CMS8000 device does not properly control or sanitize the SSID name of a new Wi-Fi access point. A threat actor could create an SSID with a malicious name, including non-standard characters that, when the device attempts connecting to the malicious SSID, the device can be exploited to write...

5.7CVSS5.9AI score0.00282EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/13 2:54 p.m.25 views

CVE-2022-38069 Contec Health CMS8000

Multiple globally default credentials exist across all CMS8000 devices, that once exposed, allow a threat actor with momentary physical access to gain privileged access to any device. Privileged credential access enables the extraction of sensitive patient information or modification of device...

4.3CVSS6.4AI score0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/13 2:54 p.m.20 views

CVE-2022-38100 Contec Health CMS8000

The CMS800 device fails while attempting to parse malformed network data sent by a threat actor. A threat actor with network access can remotely issue a specially formatted UDP request that will cause the entire device to crash and require a physical reboot. A UDP broadcast request could be sent...

7.5CVSS7.5AI score0.00768EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/13 2:54 p.m.17 views

CVE-2022-36385 Contec Health CMS8000

A threat actor with momentary access to the device can plug in a USB drive and perform a malicious firmware update, resulting in permanent changes to device functionality. No authentication or controls are in place to prevent a threat actor from maliciously modifying firmware and performing a...

6.8CVSS6.9AI score0.00359EPSS
Exploits0References1
ICS
ICS
added 2022/09/01 6:0 a.m.48 views

Contec Health CMS8000 Patient Monitor (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Low attack complexity Vendor: Contec Health Equipment: CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor Vulnerabilities: Improper Access Control, Uncontrolled Resource Consumption, Use of Hard-Coded Credentials, Active Debug Code 2. RISK EVALUATION...

7.5CVSS7AI score0.00768EPSS
Exploits0References10
Rows per page
Query Builder