The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued warnings about cybersecurity vulnerabilities in Contec CMS8000 and Epsimed MN-120 patient monitors. The most critical flaw, CVE-2025-0626 (CVSS 7.7), allows the device to send remote access requests to a hard-coded IP address, potentially enabling attackers to upload and overwrite files.

Other vulnerabilities include CVE-2024-12248 (CVSS 9.3), an out-of-bounds write flaw leading to remote code execution, and CVE-2025-0683 (CVSS 8.2), which causes plaintext patient data to be transmitted to an unknown public IP. These issues remain unpatched, prompting CISA’s recommendation to unplug affected devices. While no known cybersecurity incidents have been reported, the FDA warns of potential unauthorized access and data manipulation risks.

‍