CVE-2025-0683

EUVD-2025-1815
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text 
patient data to a hard-coded public IP address when a patient is hooked 
up to the monitor. This could lead to a leakage of confidential patient 
data to any device with that IP address or an attacker in a 
machine-in-the-middle scenario.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
icscertCNA
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01
https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication
https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthcare-patient-monitors-linked-to-ip-in-china/
https://www.cisa.gov/resources-tools/resources/contec-cms8000-contains-backdoor
https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulnerabilities-certain-patient-monitors-contec-and-epsimed-fda-safety-communication