CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors
Jan 31, 2025
Vulnerability / Healthcare
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors and Epsimed MN-120 patient monitors. The vulnerability , tracked as CVE-2025-0626 , carries a CVSS v4 score of 7.7 on a scale of 10.0. The flaw, alongside two other issues, was reported to CISA by an anonymous external researcher. "The affected product sends out remote access requests to a hard-coded IP address, bypassing existing device network settings to do so," CISA said in an advisory. "This could serve as a backdoor and lead to a malicious actor being able to upload and overwrite files on the device." "The reverse backdoor provides automated connectivity to a hard-coded IP address from the Contec CMS8000 devices, allowing the device to download and execute unverified remote files. Publicly available records show that the IP address is not associa...