The CISA and FDA have released security warnings about the Contec CMS8000, which is used for patient monitoring.

The Contec CMS8000 patient monitors do not contain a malicious backdoor but are plagued by an insecure and vulnerable design.

The US Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning about Contec CMS8000, a patient ...

Attackers can attack medical hardware from Contec. This can result in malicious code getting onto devices. There has been no ...

CISA has identified a backdoor in Contec CMS8000 devices that could allow unauthorized access to patient data and disrupt ...

The Cybersecurity and Infrastructure Security Agency and the FDA have warned that healthcare hackers pose a risk to patient ...

The Cybersecurity and Infrastructure Security Agency and Food and Drug Administration Jan. 30 released notices warning of ...

Update 2/4/25: A new report from Claroty states that they purchased the Contec CMS8000 device and, after analyzing its firmware, believe the behavior described by CISA and the FDA is actually an ...

The FDA says the cybersecurity vulnerabilities identified may put patients at risk when the device is connected to the ...

Functionality in the device firmware sends patient data to a hardcoded IP address that also downloads and executes binary ...

Vulnerabilities in certain Contec and Epsimed patient monitors can allow people to gain access and potentially manipulate the ...

CISA and FDA say Contec patient monitors used in the US contain a backdoor that could allow remote attackers to tamper with the device.