Device Update Vulnerability in Contec Patient Monitors
CVE-2025-1204

7.7HIGH

Key Information:

Vendor: Contec Health
Status: Cms8000 Patient Monitor
Vendor: CVE Published:; 25 February 2025

Summary

A vulnerability exists in the firmware of Contec CMS8000 patient monitors where the update binary attempts to connect to a hard-coded, routable IP address. This process occurs without regard to the device's existing network settings and is triggered by pressing the 'C' button at specific moments during boot. If exploited, an attacker controlling this IP address could potentially upload malicious files to the device, compromising its integrity and functionality.

Affected Version(s)

CMS8000 Patient Monitor 0

References

https://claroty.com/team82/research/are-contec-cms8000-pa...

third-party-advisory

https://www.cisa.gov/news-events/ics-medical-advisories/i...

government-resource

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Feb 25, 2025
Vulnerability Reserved
Feb 10, 2025

Credit

Claroty - Team82