The Cybersecurity and Infrastructure Security Agency (CISA) published an ICS Medical Advisory regarding cybersecurity vulnerabilities with Contec Health’s patient vital signs monitors, in which successful exploitation of these vulnerabilities could allow a threat actor to cause a denial-of-service condition, modify firmware with physical access to the device, access a root shell, or employ hard-coded credentials to make configuration changes.
The bugs are in the Contec Health CMS8000 Vital Signs Patient Monitor, a device that’s designed to monitor a patient’s heart rate, oxygen saturation, temperature, and other vital signs. Researchers at Level Nine, a firm that specializes in medical device security, reported the flaws to CISA, and the agency said in its advisory that Contec Health did not respond to any requests from CISA to help mitigate the flaws.
There are five vulnerabilities in total, and perhaps the most severe of the lot is a bug that allows a local attacker to install a malicious firmware image without the impediment of authentication or other access controls.
“A threat actor with momentary access to the device can plug in a USB drive and perform a malicious firmware update, resulting in permanent changes to device functionality. No authentication or controls are in place to prevent a threat actor from maliciously modifying firmware and performing a drive-by attack to load the firmware on any CMS8000 device,” the CISA advisory says.
Read the full article at Duo.