The backdoor on Contec CMS8000 patient-monitoring devices could allow an IP address at an unnamed university to remotely download and execute unverified files, according to CISA.
everything has a backdoor… can we quit pretending that these zero day CVE are not back doors?
or we can’t start naming them unless it is Chinese doing it?
Knock it off with the propaganda.
This is literally a deliberate back door.
And no, we can’t call zero days backdoors because they are not same thing.
The equipment, from China-based Contec Medical Systems, was mysteriously configured to connect to an IP address for a third-party university with no connection to the manufacturer.
The backdoor enables the IP address at the unnamed university to remotely download and execute unverified files on the patient monitor, CISA’s report says. In addition, the same backdoor automatically sends patient data to the IP address.
