Quick Links: Skip to main page content Skip to Search Skip to Topics Menu Skip to Common Links
  • Decrease font size
  • Return font size to normal
  • Increase font size
U.S. Department of Health and Human Services

MAUDE Adverse Event Report: CONTEC MEDICAL SYSTEMS CO. CONTEC CMS8000 ICS PATIENT MONITOR; MONITOR, CARDIAC (INCL. CARDIOTACHOMETER & RATE ALARM)
  • Print
  • Share
  • E-mail
-
Super Search Devices@FDA
510(k) | DeNovo | Registration & Listing | Adverse Events | Recalls | PMA | HDE | Classification | Standards
CFR Title 21 | Radiation-Emitting Products | X-Ray Assembler | Medsun Reports | CLIA | TPLC
 

CONTEC MEDICAL SYSTEMS CO. CONTEC CMS8000 ICS PATIENT MONITOR; MONITOR, CARDIAC (INCL. CARDIOTACHOMETER & RATE ALARM) Back to Search Results
Model Number CMS8000
Patient Problem No Clinical Signs, Symptoms or Conditions (4582)
Event Type  malfunction  
Event Description
There is a serious cyber security vulnerability in the contec cms8000 ics patient monitor.This vulnerability was discovered as part of our work with arpa-h (https://arpa-h.Gov/) under the digiheals (https://arpa-h.Gov/research-andfunding/programs/digiheals) program in an effort to improve hospital and medical device cybersecurity.This vulnerability was disclosed to cisa (https://www.Cisa.Gov/coordinated-vulnerability-disclosure-process) on july 24, 2024.
=
description
=
the cms800 device does not perform bounds checking while parsing network data sent by a threat actor.A threat actor with network access can remotely issue a specially formatted udp request that will allow them to write arbitrary data, leading to remote code execution (rce) with root privileges and persistence.Two sequential udp broadcast requests could be sent that cause a mass takeover of all cme8000 devices connected to the same network.(b)(4).
 
Search Alerts/Recalls

  New Search  |  Submit an Adverse Event Report

Brand Name
CONTEC CMS8000 ICS PATIENT MONITOR
Type of Device
MONITOR, CARDIAC (INCL. CARDIOTACHOMETER & RATE ALARM)
Manufacturer (Section D)
CONTEC MEDICAL SYSTEMS CO.
MDR Report Key20291070
MDR Text Key352649980
Report NumberMW5159958
Device Sequence Number1
Product Code DRT
Combination Product (y/n)N
Reporter Country CodeUS
Number of Events Reported1
Summary Report (Y/N)N
Report Source Voluntary
Reporter Occupation Unknown
Type of Report Initial
Report Date 09/16/2024
1 Device was Involved in the Event
1 Patient was Involved in the Event
Is this an Adverse Event Report? No
Is this a Product Problem Report? Yes
Device Model NumberCMS8000
Was Device Available for Evaluation? Yes
Initial Date Manufacturer Received Not provided
Initial Date FDA Received09/20/2024
Patient Sequence Number1
Patient SexUnknown
-
-