Patient Monitor Contec CMS8000 Contains a Backdoor
10 comments · January 31, 2025
jeroenhd
Wololooo
Someone is going to be going out of business soon and someone at a university is going to get very fired.
numbsafari
> Contec Medical Systems Co., Ltd. (hereinafter referred to as CONTEC), focusing on the research, manufacture and distribution of medical instruments, was founded in 1996 as a high-tech company. CONTEC is located in the Economic & Technical Development Zone in Qinhuangdao, covering an area of 125 acres and a building area of over 100,000 square meters, which is one of the largest bases for R&D and production of medical devices in China.
https://contechealth.com/pages/company-introduction
I doubt it.
lenerdenator
I work in medical software.
If you think the FDA or other regulating bodies wouldn't immediately tell care providers to yank these devices, you might be in for a surprise.
What's more mysterious to me is why there's a back door in a device like this. Seems like a bizarre way to attack your enemy.
red_admiral
I doubt anyone at the university was involved, or is in trouble. I rather suspect that the university was told "put this on your network and don't ask too many questions".
Crosseye_Jack
It also contains an out-of-bounds write, which could lead to RCE. https://www.cve.org/CVERecord?id=CVE-2024-12248
null
Notably, the backdoor uploads data to an NFS share hosted on a university IP (the exact university has not been made clear). Data includes patient names, doctor names, date of birth, and the specific hospital department the patient is at.