Posted on 01/31/2025 8:49:05 PM PST by Pete from Shawnee Mission
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient data to a remote IP address and downloads and executes files on the device.
Contec is a China-based company that specializes in healthcare technology, offering a range of medical devices including patient monitoring systems, diagnostic equipment, and laboratory instruments.
CISA learned of the malicious behavior from an external researcher who disclosed the vulnerability to the agency. When CISA tested three Contec CMS8000 firmware packages, the researchers discovered anomalous network traffic to a hard-coded external IP address, which is not associated with the company but rather a university.
This led to the discovery of a backdoor in the company's firmware that would quietly download and execute files on the device, allowing for remote execution and the complete takeover of the patient monitors. It was also discovered that the device would quietly send patient data to the same hard-coded address when devices were started. (additional info at link.)
(Excerpt) Read more at bleepingcomputer.com ...
Everything from China will have a backdoor, including Tik-Tok.
While this is generally understood, its good to have explicit confirmation.
Send a virus, for Pete’s sake.
Yes it is.
Sounds like, among other uses, this back door could be used by the CCP to falsify vital signs or other data on the monitor to try to indirectly harm patients. It’s long past time to bring home every industry that we’ve stupidly farmed out to the Chinese and then cut off all trade with them until they overthrow their malicious communist government.
Yes it is.
Other countries make our medicine and medical devices. They grow our food. They even answer our customer service calls, and they have access to our financial information. Relying on foreign countries puts us in a vulnerable position.
I bet Huawei routers have similar.
Absolutely.
If you buy a Chinese HAMMER, it probably sends data back.
How much more of this do we need to realize we are under their constant attack?
Strip them of their special status and bring our manufacturing HOME!
bookmark.
If it’s digital and connected it’s vulnerable... Nothing new.
Yet another reminder I need to VLAN off my network to separate and lock down all the IoT stuff.
I read a book years ago, I don’t remember the name, but it was about China starting WWIII and flipping an off switch they had installed in every chip they produced and shipped out of the country. Sounds more and more realistic.
Somewhere China has a vast database of U.S. Citizens which I have no doubt they make available to groups like the DNC through some sympathetic proxy and for a fee!
That and of course copycat substandard fasteners that are in all of our military equipment.
(No, not really worried about trackers in the packages, worried about pollution in the soil and anything that grows in it! )
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.