Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP

The United States Food and Drug Administration has told medical facilities and caregivers that monitor patients using Contec equipment to disconnect the devices from the internet ASAP. The Contec CMS8000, also sold as the Epsimed MN-120, contains a trio of vulnerabilities (CVE-2024-12248, CVSS 9.3; CVE-2025-0626, CVSS 7.5; and …

  1. david 12 Silver badge

    most alarmingly, exfiltrate information

    If all this backdoor allowed was for the device to send my name, heartrate and CO2 levels to an AI training company in China, I wouldn't be "most alarmed".

    However, the actual FDA warning is that the open backdoor allows the ability to alter its configuration, introducing risk to patient safety ... an improper response to patient vital signs.

    That justifies alarm.

  2. John Smith 19 Gold badge
    Unhappy

    They are *not* a "Medical equipment" supplier anymore

    They are a software house that supports some unusual peripherals.

    And like most (all) of the businesses that now find themselves in this position they are pretty bad at it.

    I expect that like the rest they will get better one lawsuit at a time.

  3. harrys Bronze badge

    they are now.....

    disabling public access by default

    getting rid of the ability for customers to create unencrypted clusters

    enforcing secure connections by default.

    way way too surreal for a monday, even with everything else going on :)

  4. heyrick Silver badge

    Given the prices hospitals over there charge...

    ...you'd have expected, at the very least, they would have competent people doing the IT instead of plugging medical equipment into the public internet because...because what, exactly? Convenience? Incompetence?

    1. Wang Cores

      Re: Given the prices hospitals over there charge...

      If you think the idea is to actually provide a product that works instead of developing a money printer that might pass as a product...

  5. An_Old_Dog Silver badge
    FAIL

    MGM Payout

    ... victims who can prove financial losses can claim payments of up to $15,000.

    Good luck "proving" your financial losses are due to MGM's cockup. And if you could prove losses due to MGM's cockup, if those losses are in excess of $15K, you still will be boned.

    Once again, the House wins.

  6. Groo The Wanderer - A Canuck

    Yep, but Canada is clearly the greater threat than China, deserving 25% tariffs instead of 10%. Because in the end, Musk and a host of tech bros that were in the front row of the inauguration rely on Chinese parts, not Canadian, and they'd be livid if they had to pass on a 25% premium on pricing to their end users. It might even mean they'd have to settle for a 35% profit margin on those products instead of 85%.

  7. Mr Dogshit
    FAIL

    Disappointingly, the IP address in question has been redacted

    Although it is said to belong to a university. Probably not Oxford or Cambridge.

    https://www.cisa.gov/sites/default/files/2025-01/fact-sheet-contec-cms8000-contains-a-backdoor-508c.pdf

    Can't we make this kind of equipment in Europe?

  8. Erik Beall

    Not an actual backdoor just usual bad practices

    Nice writeup of the CMS8000 patient monitors here, the most likely cause they assessed as usual bad practices (which of course could lead to hijack)

    http://claroty.com/team82/research/are-contec-cms8000-patient-monitors-infected-with-a-chinese-backdoor-the-reality-is-more-complicated
