The Download
The Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Food and Drug Administration (FDA) have issued a warning regarding hardcoded backdoor vulnerabilities in Contec CMS8000 and Epsimed MN-120 patient monitors. These devices, which monitor vital signs such as heart rate and blood oxygen saturation, are susceptible to unauthorized remote access due to insecure design. Attackers can exploit this backdoor to remotely control the monitors, potentially causing them to malfunction, exfiltrate sensitive patient data, and use the compromised devices as entry points to broader healthcare networks. Such exploitation could lead to incorrect patient monitoring, unauthorized disclosure of protected health information, and further network compromises.
What You Can Do
To mitigate these risks, IT administrators in healthcare settings should immediately assess whether these vulnerable devices are present within their networks. If so, it is crucial to implement network segmentation to isolate the monitors from critical systems and apply available security patches or firmware updates provided by the manufacturers. Additionally, disabling unnecessary internet connectivity for these devices can reduce exposure to potential attacks. Regularly monitoring network traffic for unusual activity and conducting thorough security assessments can further help in identifying and addressing vulnerabilities before they are exploited.
ThreatMate will identify vulnerable assets on networked systems including IoT. Sign up for a demo today!
To Learn More: