VulnCheck KEV: CVE-2024-12248

Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could result in remote code execution...

CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors

The U.S. Cybersecurity and Infrastructure Security Agency CISA and the Food and Drug Administration FDA have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors. The vulnerability, tracked as CVE-2025-0626 , carries a CVS...

CISA: Contec CMS8000 Contains a Backdoor

This fact sheet details an analysis of three firmware package versions of the Contec CMS8000, a patient monitor used by the U.S. Healthcare and Public Health HPH sector. Analysts discovered that an embedded backdoor function with a hard-coded IP address and functionality that enables patient data...

CISA Releases Fact Sheet Detailing Embedded Backdoor Function of Contec CMS8000 Firmware

CISA released a fact sheet, Contec CMS8000 Contains a Backdoor, detailing an analysis of three firmware package versions of the Contec CMS8000, a patient monitor used by the U.S. Healthcare and Public Health HPH sector. Analysts discovered that an embedded backdoor function with a hard-coded IP...

PT-2025-1790 · Epsimed +1 · Epsimed Mn-120 +1

Name of the Vulnerable Software and Affected Versions: Contec Health CMS8000 Patient Monitor versions smart3250-2.6.27-wlan2.1.7.cramfs Contec Health CMS8000 Patient Monitor versions CMS7.820.075.08/0.740.75 Contec Health CMS8000 Patient Monitor versions CMS7.820.120.01/0.930.95 Epsimed MN-120...

Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor 访问控制错误漏洞

The Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor is a vital signs patient monitor from Contec Health. The Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor suffers from an Access Control Error vulnerability that originates from a threat actor with transient acce...

Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor 访问控制错误漏洞

The Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor is a vital signs patient monitor from Contec Health. The Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor has an access control error vulnerability that stems from its inability to properly control or clean the...

CISA releases two Industrial Control Systems Advisories

CISA has released two Industrial Control Systems ICS advisories on September 01, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...