5 matches found
CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors
The U.S. Cybersecurity and Infrastructure Security Agency CISA and the Food and Drug Administration FDA have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors. The vulnerability, tracked as CVE-2025-0626 , carries a CVS...
CVE-2025-0683
creationtimestamp| type| source ---|---|--- 2025-01-30 18:23:26+00:00| seen| https://infosec.exchange/users/cve/statuses/113918699513994287 2025-01-30 22:30:06+00:00| seen| https://bsky.app/profile/mytechnotalent.bsky.social/post/3lgyjvwampk2s 2025-01-30 22:38:34+00:00| seen|...
CVE-2025-0683
The CVE-2025-0683 entry affects Contec Health CMS8000 Patient Monitor. In its default configuration, it transmits plain-text patient data to a hard-coded public IP address, enabling potential data leakage to any device on that IP and enabling MITM-like interception. Public advisories (CISA ICS wa...
CVE-2025-0683 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Contec Health CMS8000 Patient Monitor
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...
CVE-2025-0683 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Contec Health CMS8000 Patient Monitor
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...