There are some interesting questions afoot, with the news that the Contec CMS8000 medical monitoring system has a backdoor.

This week’s update covers a broad range of cybersecurity news—from AI risks to law enforcement efforts against cybercrime.

CISA has identified a backdoor in Contec CMS8000 devices that could allow unauthorized access to patient data and disrupt ...

On January 30, 2025, the U.S. Food and Drug Administration (FDA) issued a safety communication regarding cybersecurity vulnerabilities in Contec CMS8000 and Epsimed MN-120 patient monitors.

Functionality in the device firmware sends patient data to a hardcoded IP address that also downloads and executes binary ...

The threat was discovered in three firmware versions for a patient monitor called the Contec CMS8000 (also sold as the Epsimed MN-120), which can display a user’s vitals, including heart rate ...

The medical devices also contain backdoors, allowing remote unauthorized attackers to run remote code. The critical flaws plague Contec CMS8000 and their relabeled versions such as Epsimed MN-120.

The Cybersecurity and Infrastructure Security Agency and Food and Drug Administration Jan. 30 released notices warning of vulnerabilities found in the Contec CMS8000, a patient monitoring device used ...

The backdoor on Contec CMS8000 patient-monitoring devices could allow an IP address at an unnamed university to remotely download and execute unverified files, according to CISA.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient ...