Bleeping Computer

Backdoor found in two healthcare patient monitors, linked to IP in China

Update 2/4/25: A new report from Claroty states that they purchased the Contec CMS8000 device and, after analyzing its firmware, believe the behavior described by CISA and the FDA is actually an ...
Infosecurity-magazine.com

CISA Warns of Backdoor Vulnerability in Contec Patient Monitors

A hidden backdoor function embedded in the firmware of the Contec CMS8000 patient monitor has been identified by the US Cybersecurity and Infrastructure Security Agency (CISA). The vulnerability, ...
Dark Reading

Agencies Sound Alarm on Patient Monitors With Hardcoded Backdoor

Last week, the Cybersecurity and Infrastructure Security Agency (CISA), alongside the US Food and Drug Administration (FDA), raised an alert for Contec CMS8000 and Epsimed MN-120 healthcare monitors, ...
CSOonline

Backdoor in Chinese-made healthcare monitoring device leaks patient data

Functionality in the device firmware sends patient data to a hardcoded IP address that also downloads and executes binary files without the owner’s knowledge. US federal agencies have warned that a ...