CISA, FDA Issue Warning Over Backdoor in China’s Contec Patient Monitors

5Mind. The Meme Platform
The Epoch Times Header

FDA recommended hospitals stop using the devices or disconnect them from the internet.

A patient monitor made by Chinese manufacturer Contec contains a backdoor that could allow an attacker to access patient data and remotely manipulate the devices, U.S. authorities said on Friday.

The Contec patient monitor CMS8000 is a device used to monitor human vital signs in hospitals and and clinics in the European Union and the United States.

The Food and Drug Administration (FDA) issued a statement, recommending hospitals and caregivers check Contec CMS8000 monitors, disconnect the device from the internet, or stop using it if the device relies on remote monitoring features.

The recommendation also applies to the same devices relabelled and sold as Epsimed MN-120 patient monitors.

“Once the patient monitor is connected to the internet, it begins gathering patient data, including personally identifiable information (PII) and protected health information (PHI), and exfiltrating (withdrawing) the data outside of the health care delivery environment,” the FDA said.

The device also contains a backdoor that can allow unauthorized persons to cause the device to crash or malfunction, or to corrupt data on the device, the FDA said.

The regulator said it’s not currently aware of any cybersecurity incidents, injuries, or deaths related to the vulnerabilities found on the device. It asked users to report any problems they find.

The vulnerabilities were identified by a research team from the Cybersecurity & Infrastructure Security Agency (CISA), which analyzed three versions of firmware for the Contec CMS8000 patient monitor.

The team found a backdoor that connects the devices to a hard-coded IP address, “allowing the device to download and execute unverified remote files,” CISA said in a report detailing the team’s findings.

The agency didn’t disclose the location of the IP address, stating only that it belongs to a “third-party university.”

The research team determined that it is “very unlikely” the backdoor serves as an alternative update mechanism due to the code’s “highly unusual characteristics,” which differ from those of other update mechanisms.

CISA said when the backdoor function on the device is executed, “files on the device are forcibly overwritten” without the knowledge of the end user, so hospitals won’t know what software is running on the device.

By Lily Zhou

Read Full Article on TheEpochTimes.com

Contact Your Elected Officials
The Epoch Times
The Epoch Timeshttps://www.theepochtimes.com/
Tired of biased news? The Epoch Times is truthful, factual news that other media outlets don't report. No spin. No agenda. Just honest journalism like it used to be.

Ring That Bell

If I could travel back in time to 1776,...

Thoughts On America 250

Before you, American reader, is the honor, blessing, and privilege of celebrating the 250th anniversary of our nation. A nation toward which God has been merciful, shining His great grace.
00:09:03

Two birthdays apart

The Bicentennial was not just a commemoration of 200 years of independence – it was a coast‑to‑coast block party of red, white and blue.
00:02:31

Is Charlie Kirk’s Assassination Looking More Like a Conspiracy?

Enough videos have been posted to the internet, plenty...

Is There a 9/11 WTC and 9/10 Charlie Kirk Connection?

Strange parallels in online stories raise questions about whether Israelis and Mossad intelligence are our allies or adversaries.

xAI Rebrands as SpaceXAI, Launches New Grok 4.5 Model

xAI has officially rebranded itself as SpaceXAI and has a new logo, the company recently announced on X.
00:18:20

Sen. Lindsey Graham Dies at 71

Sen. Lindsey Graham (R-S.C.) died from a “brief and sudden illness” Saturday evening, his office said in a statement.

DOJ Subpoenas NYT Journalists After Air Force One Security Report

The NYT said the DOJ issued subpoenas to its journalists after the NYT reported on alleged security concerns involving the new, Qatari-gifted Air Force One.
00:02:36

Federal Judge Rejects Transgender Health Nonprofit Bid to Halt FTC Lawsuit in Texas

A federal judge let stand an FTC lawsuit alleging a transgender health nonprofit made misleading claims about gender-affirming care for minors.

Trump Warns of Global Spread of Communism at NATO Summit

President Trump reiterated his warnings about communism during the NATO summit in Ankara on July 8, saying he believes it’s taking root in the US and around the world.

Trump Arrives in Ankara to Meet With NATO Allies

It marks the first visit to Turkey by a...
00:01:40

President Launches Trump Accounts for Children With Historic Opening of NYSE, NASDAQ

President Trump rang a bell to open the New York Stock Exchange and NASDAQ during an Oval Office ceremony to launch accounts for children across the nation.

Trump Shares New US Passport Design on Truth Social

The mockup shows limited-edition passports planned for a July...
spot_img

Related Articles

Popular Categories

MAGA Business Central