Executive Summary

Informations
Name CVE-2025-0683 First vendor Publication 2025-01-30
Vendor Cve Last vendor Modification 2025-01-31

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a machine-in-the-middle scenario.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0683

Sources (Detail)

https://www.bleepingcomputer.com/news/security/backdoor-found-in-two-healthca...
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01
https://www.cisa.gov/resources-tools/resources/contec-cms8000-contains-backdoor
https://www.fda.gov/medical-devices/safety-communications/cybersecurity-vulne...
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2025-01-31 21:20:29
  • Multiple Updates
2025-01-31 00:20:29
  • First insertion