Contec Health CMS8000 Patient Monitor Out-of-Bounds Write Vulnerability Allowing Remote Code Execution

A vulnerability allowing an out-of-bounds write has been identified in the Contec Health CMS8000 Patient Monitor. This issue could enable an attacker to send specially crafted UDP requests that write arbitrary data, potentially leading to remote code execution. The vulnerability exists in all versions of the CMS8000 Patient Monitor firmware, including the Epsimed MN-120 Patient Monitor, which is a rebranded version of the CMS8000.

Impact

Exploitation of this vulnerability could allow for remote code execution on the affected device.

Remediation

The FDA has issued a safety communication advising healthcare providers and facilities to remove Contec CMS8000 devices from their networks. If removal is not possible, users should block specific IP addresses associated with the vulnerability. Healthcare facility staff should contact Contec for instructions on applying a software patch that removes networking functionality from the device, making it usable only for local monitoring.