CVE-2025-0683

low-risk

Published 2025-01-30

In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a machine-in-the-middle scenario.

Do I need to act?

-

0.16% chance of exploitation

EPSS score — low exploit probability

-

Not on CISA KEV list

No confirmed active exploitation reported to CISA

?

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

5

CVSS 5.9/10 Medium

NETWORK / HIGH complexity

References (5)

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01

https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerab...

https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-...

https://www.cisa.gov/resources-tools/resources/contec-cms8000-contains-backdoor

https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerab...

24

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 1/34 · Minimal

Exposure 5/34 · Minimal