From the series "We are secure"
Written on 04-02-2025

Hacking the ePA (Germany's electronic patient record) took a few days, and you can also opt out of it. It's just unfortunate when the only protection is pulling the plug. Quite literally:
Backdoor in Contec CMS8000 monitors may allow faulty patient readings
The U.S. government warned Jan. 30 that a backdoor in the firmware of Contec CMS8000 patient monitors could allow for remote code execution that could let attackers alter configurations, introducing risk because a malfunctioning monitor could lead to an improper response to a patient’s vital signs.
[...]
The Contec CMS8000 devices, manufactured by China-based Contec Medical Systems, are used in medical settings in the United States and European Union to provide continuous monitoring of a patient’s vital signs. According to the FDA, there are three main concerns around these new cybersecurity vulnerabilities:
- An unauthorized user could remotely control the patient monitor.
- The firmware has a backdoor, potentially compromising the device or its connected network.
- When connected to the internet, the patient monitor collects patient data, including PII and PHI, and sends it outside the healthcare environment.
Since there is no patch available, the FDA has told hospitals to unplug the Contec devices and stop using them, and to use only the local monitoring features on the patient monitor.
[...]

https://www.scworld.com/news/backdoor-in-contec-cms8000-monitors-may-allow-faulty-patient-readings
I mean... what could possibly go wrong?!