CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors

Jan 31, 2025 | Ravie Lakshmanan | Vulnerability / Healthcare

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors.

The vulnerability, tracked as CVE-2025-0626, carries a CVSS v4 score of 7.7 on a scale of 10.0. The flaw, alongside two other issues, was reported to CISA by an anonymous external researcher.

“The affected product sends out remote access requests to a hard-coded IP address, bypassing existing device network settings to do so,” CISA said in an advisory. “This could serve as a backdoor and lead to a malicious actor being able to upload and overwrite files on the device.”

“The reverse backdoor provides automated connectivity to a hard-coded IP address from the Contec CMS8000 devices, allowing the device to download and execute unverified remote files. Publicly available records show that the IP address is not associated with a medical device manufacturer or medical facility but a third-party university.”

Two other identified vulnerabilities in the devices are listed below –

  • CVE-2024-12248 (CVSS v4 score: 9.3) – An out-of-bounds write vulnerability that could allow an attacker to send specially formatted UDP requests in order to write arbitrary data, resulting in remote code execution
  • CVE-2025-0683 (CVSS v4 score: 8.2) – A privacy leakage vulnerability that causes plain-text patient data to be transmitted to a hard-coded public IP address when the patient is hooked up to the monitor

Successful exploitation of CVE-2025-0683 could allow the device with that unspecified IP address to gain access to confidential patient information or open the door to an adversary-in-the-middle (AitM) scenario.

The security holes affect the following products –

  • CMS8000 Patient Monitor: Firmware version smart3250-2.6.27-wlan2.1.7.cramfs
  • CMS8000 Patient Monitor: Firmware version CMS7.820.075.08/0.74(0.75)
  • CMS8000 Patient Monitor: Firmware version CMS7.820.120.01/0.93(0.95)
  • CMS8000 Patient Monitor: All versions (CVE-2025-0626 and CVE-2025-0683)

“These cybersecurity vulnerabilities can allow unauthorized actors to bypass cybersecurity controls, gaining access to and potentially manipulating the device,” the FDA said, adding it is “not aware of any cybersecurity incidents, injuries, or deaths related to these cybersecurity vulnerabilities at this time.”

Given that these vulnerabilities remain unpatched, CISA is recommending that organizations unplug and remove any Contec CMS8000 devices from their networks. It is worth noting that the devices are also re-labeled and sold under the name Epsimed MN-120.

It is also advised to check the patient monitors for any signs of unusual functioning, such as “inconsistencies between the displayed patient vitals and the patient’s actual physical state.”

CMS8000 Patient Monitor is manufactured by Contec Medical Systems, a developer of medical devices located in Qinhuangdao, China. On its website, the company claims its products are FDA-approved and distributed to over 130 countries and regions.
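Because the advisories describe monitors contacting a hard-coded public IP address regardless of configured network settings, one way to find units that are still connected is to look for any traffic from the monitor segment to addresses outside the organization. The following is an added example, not code from CISA, the FDA or the vendor; the subnet, internal ranges, CSV layout and flow records are all assumptions constructed for illustration.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Assumptions for this example: the segment that holds patient monitors and
# the ranges treated as internal. Replace both with the site's real values.
MONITOR_NET = ipaddress.ip_network("10.20.30.0/24")
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed flow records using documentation addresses, not real traffic.
SAMPLE_FLOWS = """ts,src,dst,proto,dport,bytes
2025-01-31T10:00:01Z,10.20.30.11,10.20.1.5,tcp,443,1200
2025-01-31T10:00:07Z,10.20.30.11,203.0.113.50,tcp,9999,840
2025-01-31T10:00:09Z,10.20.30.12,203.0.113.50,tcp,9999,910
2025-01-31T10:01:07Z,10.20.30.11,203.0.113.50,tcp,9999,860
2025-01-31T10:01:30Z,10.20.40.9,198.51.100.7,tcp,443,5000
2025-01-31T10:02:00Z,not-an-ip,203.0.113.50,tcp,9999,10
"""


def is_internal(addr):
    """True if addr falls inside one of the ranges treated as internal."""
    return any(addr in net for net in INTERNAL_NETS)


def external_egress(flow_csv):
    """Summarise flows from the monitor segment to non-internal addresses.

    Returns {(src, dst): {"flows": n, "bytes": total}}; malformed rows are skipped.
    """
    hits = defaultdict(lambda: {"flows": 0, "bytes": 0})
    for row in csv.DictReader(io.StringIO(flow_csv)):
        try:
            src = ipaddress.ip_address(row["src"])
            dst = ipaddress.ip_address(row["dst"])
            size = int(row["bytes"])
        except (ValueError, KeyError, TypeError):
            continue  # unparsable record: ignore rather than abort the scan
        if src in MONITOR_NET and not is_internal(dst):
            entry = hits[(str(src), str(dst))]
            entry["flows"] += 1
            entry["bytes"] += size
    return dict(hits)


if __name__ == "__main__":
    for (src, dst), stats in sorted(external_egress(SAMPLE_FLOWS).items()):
        print(f"{src} -> {dst}: {stats['flows']} flows, {stats['bytes']} bytes")
```

Any source address reported here is a device on the monitor segment that should be located and disconnected, and several monitors sharing one external destination is the pattern a hard-coded address would produce.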
