CISA and the FDA have reported critical security vulnerabilities in Contec CMS8000 and Epsimed MN-120 patient monitors. The vulnerabilities, CVE-2025-0626, CVE-2024-12248, and CVE-2025-0683, could allow unauthorized remote access, remote code execution, and data leakage. Organizations are advised to unplug and remove affected devices from their networks and monitor for unusual activity as no patches are available yet.
Sort: