Backdoor in Chinese-made healthcare monitoring device leaks patient data | CSO Online

A backdoor in the Contec CMS8000 and Epsimed MN-120 patient monitors, popular in US and European medical settings, sends patient data to an unauthorized remote server. The backdoor, discovered by CISA, allows unauthorized code execution and data transmission, highlighting the need for improved medical device security. The FDA recommends disabling remote monitoring functions and using alternative devices for remote monitoring.