Cybersecurity Alert: Contec CMS8000 and Epsimed MN-120 Healthcare Monitors at Risk

The Cybersecurity and Infrastructure Security Agency (CISA), alongside the US Food and Drug Administration (FDA), has issued an alert for Contec CMS8000 and Epsimed MN-120 healthcare monitors, warning that these devices potentially put patients at risk once connected to the Internet. The issue stems from a malicious, hidden backdoor embedded in the devices, which security researchers believe is not intentional malware but rather the result of insecure design.

What are the Devices Used for?

These devices continuously monitor patient vital signs, such as heart rate, blood oxygen saturation, temperature, respiration rate, and more. The Internet of Medical Things (IoMT) is considered the riskiest device sector, even though it has seen the biggest overall decline in the number of risky devices deployed.

Recommendations for Healthcare Organizations

Team82 researchers recommend that healthcare organizations take steps to protect patients, including:

  • Blocking all access to the subnet from their internal network
  • Blocking devices attempting to upgrade firmware from a WAN server or potentially send PII (Personally Identifiable Information)
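
Both blocking rules can be verified against exported flow records before and after the firewall change. The Python sketch below is an added example, not code from CISA, the FDA or Team82; the blocked subnet, the monitor VLAN and the flow records are constructed placeholders, because the page does not give the actual addresses.

```python
import ipaddress

# Assumptions (not from the alert): an RFC 5737 documentation range stands in
# for the subnet to block, and 10.20.30.0/24 is a hypothetical monitor VLAN.
BLOCKED_SUBNET = ipaddress.ip_network("203.0.113.0/24")   # placeholder
MONITOR_VLAN = ipaddress.ip_network("10.20.30.0/24")      # hypothetical
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed flow records: (source IP, destination IP, destination port)
SAMPLE_FLOWS = [
    ("10.20.30.11", "10.20.1.5", 9000),     # monitor -> internal central station
    ("10.20.30.12", "203.0.113.7", 9000),   # monitor -> blocked subnet
    ("10.20.30.13", "198.51.100.9", 443),   # monitor -> other WAN host
    ("10.40.2.8", "203.0.113.7", 80),       # workstation -> blocked subnet
    ("10.40.2.9", "198.51.100.9", 443),     # workstation -> ordinary WAN traffic
    ("not-an-ip", "10.20.1.5", 22),         # malformed record
]

def is_internal(addr):
    """True when the address falls inside one of the private ranges."""
    return any(addr in net for net in INTERNAL)

def audit_flows(flows):
    """Return (findings, rejected); each finding is (rule, src, dst, port)."""
    findings, rejected = [], []
    for src, dst, port in flows:
        try:
            s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        except ValueError:
            rejected.append((src, dst, port))   # keep bad rows visible
            continue
        if is_internal(s) and d in BLOCKED_SUBNET:
            # First recommendation: no internal host should reach the subnet.
            findings.append(("blocked-subnet", src, dst, port))
        elif s in MONITOR_VLAN and not is_internal(d):
            # Second recommendation: a monitor reaching any WAN host could be
            # a firmware fetch or patient data leaving the network.
            findings.append(("monitor-wan-egress", src, dst, port))
    return findings, rejected

if __name__ == "__main__":
    hits, bad = audit_flows(SAMPLE_FLOWS)
    for rule, src, dst, port in hits:
        print(f"{rule:20} {src} -> {dst}:{port}")
    print(f"{len(bad)} malformed record(s) set aside")
```

An empty findings list after the rules are deployed indicates the blocks are holding for the sampled period; rejected rows should be reviewed rather than ignored.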

Implementing Secure Measures

"Hospitals should implement vulnerability detection and patching processes," says Moshe. "Alongside network segmentation, driven by high-quality passive visibility, will ensure the most secure network layout."
