CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors

2025-01-31 13:10

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors. The vulnerability, tracked as CVE-2025-0626, carries a CVSS v4 score of 7.7 on a scale of 10.0. The flaw, alongside two other issues, was reported to CISA

News URL

https://thehackernews.com/2025/01/cisa-and-fda-warn-of-critical-backdoor.html

#backdoor #cisa #critical #FDA #CVE-2025-0626

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2025-01-30	CVE-2025-0626	The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so.	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Contec		27	0	14	20	9	43

News URL

Related news

Related Vulnerability

Related vendor