CVE-2025-0683

In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a machine-in-the-middle scenario.

CVSS v3 5.9 MEDIUM

5.9^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01
https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication
https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/
https://www.cisa.gov/resources-tools/resources/contec-cms8000-contains-backdoor
https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication

Configurations

No configuration.

History

31 Jan 2025, 18:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.9
Summary	(en) In its default configuration, the affected product transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a machine-in-the-middle scenario.	(en) In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a machine-in-the-middle scenario.

31 Jan 2025, 16:15

Type	Values Removed	Values Added
Summary		(es) En su configuración predeterminada, el producto afectado transmite datos del paciente en texto plano a una dirección IP pública codificada cuando un paciente está conectado al monitor. Esto podría provocar una fuga de datos confidenciales del paciente a cualquier dispositivo con esa dirección IP o a un atacante en un escenario de máquina intermedia.
References		() https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/ - () https://www.cisa.gov/resources-tools/resources/contec-cms8000-contains-backdoor - () https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication -

30 Jan 2025, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-01-30 19:15

Updated : 2025-01-31 18:15

NVD link : CVE-2025-0683

Mitre link : CVE-2025-0683

CVE.ORG link : CVE-2025-0683

JSON object : View

Products Affected

No product.

CWE

CWE-359

Exposure of Private Personal Information to an Unauthorized Actor

5.9 /10