Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Contec. Show all posts
Network Security
Backdoor China Contec Data Breach Healthcare Network Security

Experts Find Hidden Backdoors Inside Chinese Software Stealing Patient Data

Experts Find Hidden Backdoors Inside Chinese Software Stealing Patient Data

Cybersecurity & Infrastructure Security Agency (CISA) in the US rolled out an investigation report concerning three firmware variants used in Contec CMS800, a patient monitoring system used in healthcare facilities and hospitals. 

CIS finds hidden backdoor in Chinese software

Experts found that the devices had a hidden backdoor with a hard-coded IP address, enabling transmission of patient data. This is doable as the devices will start a link to a central monitoring system through a wireless or wired network, as per the product description. 

The agency disclosed the codes that send data to a select IP address. The decoded data includes detailed information- patients, hospital department, doctor’s name, date of birth, admission date, and other details about the device users. 

Details about three flaws

The flaw is filed under “CVE-2025-0626 with a CVSS v4 score of 7.7 out of 10” says Tom’s Hardware, while also talking about two other vulnerabilities “filed under CVE-2024- 12248, which indicates that it could allow an attacker to write data remotely to execute a code” and “CVE-2025-0683, which relates to privacy vulnerability.”

Impact of vulnerabilities

The three cybersecurity flaws can allow threat actors to dodge cybersecurity checks, get access, and also manipulate the device, the FDA says, not being “aware of any cybersecurity incidents, injuries, or deaths related to these cybersecurity vulnerabilities at this time."

FDA said that Contec Medical Systems is a device manufacturer in China, its products are used in the healthcare industry- clinics, hospitals, etc., in the US and European Union. However, experts found that these can also be bought from eBay for $599. 

About Contec

These devices are also rebranded as Epsimed MN-120, the FDA believes. Contec products are FDA-approved and sold in more than 130 countries. As part of its vulnerability disclosure process, the CISA research team discovered uncovered this flaw. 

The agency has also mentioned that the IP address is not linked with any medical device manufacturer, “Still, it is a third-party university, though it doesn't mention the university, the IP address, or the country it is sending data to,” reports Tom Hardware. 

The CISA has also assessed that the coding was meant to be a substitute update system because it doesn’t include standard update techniques like doing integrity checks or tracking updated versions. Instead, it offers a remote file sent to the IP address. To solve this, the FDA suggests removing the monitoring device from its network and tracking the patient’s physical condition and vital stats.

Read more »
Subscribe to: Posts (Atom)