DO NOT TRUST CHINA, CHINA IS AN ASSHOLE: Chinese-Made Patient Monitor Contains a Secret Backdoor.

A medical device used in hospitals has been found hosting a backdoor, paving the way for an unauthorized user to remotely control and tamper with the equipment.

The threat was discovered in three firmware versions for a patient monitor called the Contec CMS8000 (also sold as the Epsimed MN-120), which displays a patient's vitals, including heart rate, according to an advisory from the Cybersecurity and Infrastructure Security Agency (CISA).

The equipment, from China-based Contec Medical Systems, was mysteriously configured to connect to an IP address for a third-party university with no connection to the manufacturer.

The backdoor enables the IP address at the unnamed university to remotely download and execute unverified files on the patient monitor, CISA’s report says. In addition, the same backdoor automatically sends patient data to the IP address.

“Once the patient monitor is connected to the internet, it begins gathering patient data, including personally identifiable information (PII) and protected health information (PHI), and exfiltrating (withdrawing) the data outside of the health care delivery environment,” an advisory from the Food and Drug Administration adds.
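The behaviour described above (a monitor that reaches out to one hard-coded external address to fetch files and push patient data) is exactly what egress monitoring on an isolated medical-device network is meant to catch. The script below is an added example written for this page; it is not code from the article, from CISA or the FDA, or from Contec. The log format, the device VLAN (10.40.0.0/24), the internal address ranges, the allowlist of expected destinations and the sample traffic are all constructed, and 203.0.113.77 is a documentation-range placeholder standing in for the advisory's address, which this page does not give.

```python
"""Egress check for a patient-monitor VLAN: flag any flow from a monitor to a
destination that is not on an explicit allowlist, and total the bytes sent to
each unexpected destination. Added example; all values below are constructed."""
import ipaddress
import re
from dataclasses import dataclass

# Constructed: the patient-monitor VLAN and the hospital's internal ranges.
# Any destination outside INTERNAL_NETWORKS is treated as external.
DEVICE_SUBNET = ipaddress.ip_network("10.40.0.0/24")
INTERNAL_NETWORKS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]

# Constructed: the only destinations a monitor should ever talk to, e.g. the
# central monitoring station and the internal NTP server.
EXPECTED_DESTINATIONS = {
    ipaddress.ip_address("10.40.0.5"),
    ipaddress.ip_address("10.1.1.123"),
}

# Constructed firewall log format:
#   <timestamp> <src>:<sport> -> <dst>:<dport> <proto> <bytes_out>
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[\d.]+):(?P<sport>\d+) -> "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) (?P<proto>\w+) (?P<bytes>\d+)$"
)

# Constructed sample traffic. 203.0.113.77 is a placeholder (RFC 5737 range)
# for the hard-coded external address; the real one is not on this page.
SAMPLE_LOGS = [
    "2025-01-30T10:00:01Z 10.40.0.17:51234 -> 10.40.0.5:9000 TCP 1200",
    "2025-01-30T10:00:05Z 10.40.0.17:51235 -> 203.0.113.77:80 TCP 512",
    "2025-01-30T10:00:06Z 10.40.0.17:51236 -> 203.0.113.77:8080 TCP 48211",
    "2025-01-30T10:00:09Z 10.40.0.22:40001 -> 10.1.1.123:123 UDP 76",
    "2025-01-30T10:00:10Z 10.40.0.22:40002 -> 10.20.5.9:445 TCP 300",
    "2025-01-30T10:00:11Z 10.20.5.9:55555 -> 203.0.113.77:443 TCP 900",
    "garbage line that does not match the format",
]


@dataclass(frozen=True)
class Finding:
    ts: str
    src: str
    dst: str
    dport: int
    bytes_out: int
    reason: str


def parse_line(line):
    """Parse one log line into a dict of fields, or None if it is malformed."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def is_internal(addr):
    return any(addr in net for net in INTERNAL_NETWORKS)


def check_egress(log_lines, device_subnet=DEVICE_SUBNET, expected=EXPECTED_DESTINATIONS):
    """Return a Finding for every flow that leaves a monitor in device_subnet
    for a destination not in the allowlist. Flows from other hosts are ignored;
    they belong to a different policy."""
    findings = []
    for line in log_lines:
        rec = parse_line(line)
        if rec is None:
            continue
        src = ipaddress.ip_address(rec["src"])
        dst = ipaddress.ip_address(rec["dst"])
        if src not in device_subnet or dst in expected:
            continue
        reason = ("unexpected internal destination" if is_internal(dst)
                  else "unexpected external destination")
        findings.append(Finding(rec["ts"], str(src), str(dst),
                                int(rec["dport"]), int(rec["bytes"]), reason))
    return findings


def bytes_by_destination(findings):
    """Total outbound bytes per unexpected destination; a large count to a single
    external host is the exfiltration signal the advisory describes."""
    totals = {}
    for f in findings:
        totals[f.dst] = totals.get(f.dst, 0) + f.bytes_out
    return totals


if __name__ == "__main__":
    hits = check_egress(SAMPLE_LOGS)
    for f in hits:
        print(f"{f.ts} {f.src} -> {f.dst}:{f.dport} ({f.bytes_out} B): {f.reason}")
    print(bytes_by_destination(hits))
```

The allowlist approach matters more than the specific address: a device that should only ever speak to the monitoring station and a time server gets flagged for any other destination, so the check keeps working if the hard-coded address changes in a later firmware. Feed it real firewall or NetFlow exports by adjusting `LOG_RE`.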