The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding Contec CMS8000 patient monitoring devices, which exhibit critical security vulnerabilities. These devices are reportedly sending sensitive patient data to a remote IP address and executing unauthorized files. CISA discovered these issues following a report from an external researcher. Testing of three firmware packages revealed strange network activity directed towards a hard-coded external IP, which does not relate to Contec, indicating a serious breach of patient confidentiality and device integrity.
The US Cybersecurity and Infrastructure Security Agency warns that Contec CMS8000 devices, a common healthcare monitoring tool, possess a backdoor that compromises patient data.
External researchers alerted CISA to vulnerabilities in the CMS8000 devices, revealing that they send patient information to a remote IP address and execute unauthorized files.
Tests conducted by CISA on the CMS8000 firmware uncovered unusual network activity directed towards a hard-coded IP address, unrelated to Contec, raising serious security concerns.
Contec, a China-based healthcare technology company, is facing scrutiny after CISA's findings highlight significant security threats associated with their patient monitoring equipment.
Collection
[
|
...
]