HomeCII/OTCISA warns that patient monitors with backdoor are sharing information with China

CISA warns that patient monitors with backdoor are sharing information with China

Published on

spot_img

The Contec CMS8000 patient monitor, a widely used device in healthcare settings, has been found to have vulnerabilities that could put patient data at risk. The US Cybersecurity and Infrastructure Security Agency (CISA) confirmed that the monitor, manufactured by a Chinese company, has a backdoor that can exfiltrate patient data to a hard-coded IP address and allow for the download and execution of unverified files.

The presence of this backdoor in the monitor’s firmware presents a serious risk to patient safety, as it could potentially lead to improper responses to vital signs displayed by the device. CISA, after being alerted to the monitor’s suspicious functions by an external researcher, identified three vulnerabilities in the firmware:

1. A reverse backdoor (CVE-2025-0626) that connects to a hard-coded IP address and allows for the uploading and overwriting of files
2. An out-of-bounds write flaw (CVE-2024-12248) that could enable attackers to write arbitrary data to the device through specially formatted UDP requests
3. A vulnerability (CVE-2025-0683) that results in the collection and transmission of plaintext patient and monitor sensor data to the hard-coded IP address

The IP address linked to the monitor is not associated with a medical facility but with a third-party university in China. This raises concerns about the potential misuse of the collected patient data and underscores the need for increased vigilance regarding cybersecurity in healthcare.

The lack of an alternative update mechanism, integrity-checking mechanisms, and version tracking in the backdoor function further exacerbate the security risks posed by the monitor. Without proper oversight and monitoring, hospitals and healthcare providers may be unaware of the software running on the device, making it difficult to ensure the safety and privacy of patient data.

While the US Food and Drug Administration (FDA) has not reported any cybersecurity incidents or harm related to these vulnerabilities, it recommends that healthcare providers remain alert for signs of unusual activity and disable remote monitoring features on the affected monitors. In the absence of a patch for these flaws, providers are advised to consider alternative patient monitoring solutions to mitigate the potential risks posed by the Contec CMS8000 and Epsimed MN-120 monitors.

In conclusion, the discovery of these vulnerabilities underscores the critical need for robust cybersecurity measures in medical devices, especially those used in healthcare settings where patient data security is paramount. Healthcare organizations, patients, and caregivers must prioritize the protection of sensitive information and take proactive steps to address vulnerabilities in monitoring devices to safeguard patient safety and privacy.

Source link

Latest articles

Telegram t.me Links Disrupted Due to Sanctioned VPNs

Telegram's t.me Shortlinks Disrupted by Sanctioned VPN Service On July 13, 2025, the popular messaging...

New NadMesh Botnet Exploits Over 20 RCE Vectors to Compromise AI and MCP Infrastructure

NadMesh: A New Era of Industrial-Grade Botnets NadMesh has emerged as a significant threat in...

AI Bug-Finding Tools Require Human Validation

The Role of AI in Offensive Security: Balancing Speed with Human Insight In an evolving...

AWS Billing Bug Shows Trillion-Dollar Cost Estimates to Cloud Customers

Amazon Web Services Faces Major Billing Anomaly in Cost Explorer Tool Amazon Web Services (AWS)...

More like this

Telegram t.me Links Disrupted Due to Sanctioned VPNs

Telegram's t.me Shortlinks Disrupted by Sanctioned VPN Service On July 13, 2025, the popular messaging...

New NadMesh Botnet Exploits Over 20 RCE Vectors to Compromise AI and MCP Infrastructure

NadMesh: A New Era of Industrial-Grade Botnets NadMesh has emerged as a significant threat in...

AI Bug-Finding Tools Require Human Validation

The Role of AI in Offensive Security: Balancing Speed with Human Insight In an evolving...