21 views 10 secs 0 comments

FDA, CISA warn of backdoor in popular patient monitor used by US hospitals

In Vulnerabilities, News
February 02, 2025
FDA, CISA warn of backdoor in popular patient monitor used by US hospitals

The Record reports:

Federal agencies are warning hospitals of a backdoor discovered in a popular line of patient monitors sold by Chinese company Contec.

The Cybersecurity and Infrastructure Security Agency (CISA) and Food and Drug Administration (FDA) released warnings on Thursday about an embedded function they found in the firmware of the Contec CMS8000 — hardware used to display information like vital signs, temperature, heartbeat and blood pressure.  

Contec Medical is a medical device company based in Hebei, China. The affected patient monitors are “used in medical settings in the U.S. and European Union,” CISA said.

The backdoor “may allow remote code execution and device modification with the ability to alter its configuration, introducing risk to patient safety as a malfunctioning patient monitor could lead to an improper response to patient vital signs.”

Read more at The Record.