The backdoor on Contec CMS8000 patient-monitoring devices could allow an IP address at an unnamed university to remotely download and execute unverified files, according to CISA.

    • Deceptichum@quokk.auEnglish
      233·
      9 months ago

      Knock it off with the propaganda.

      This is literally a deliberate back door.

      And no, we can’t call zero days backdoors because they are not same thing.

      The equipment, from China-based Contec Medical Systems, was mysteriously configured to connect to an IP address for a third-party university with no connection to the manufacturer.

      The backdoor enables the IP address at the unnamed university to remotely download and execute unverified files on the patient monitor, CISA’s report says. In addition, the same backdoor automatically sends patient data to the IP address.

      • HakFoo@lemmy.sdf.orgEnglish
        37·
        9 months ago

        There are valid questions, many of which revolve around how and why it’s used.

        Some systems have brain damaged approaches to diagnostics/logging, license enforcement, or remote service/update systems that create security holes but are not intentionally malicious.

        Security is hard and we should remember Hanlon’s Razor.

        • YonderEpochs@lemmy.worldEnglish
          7·
          9 months ago

          I get lots of mileage out of Hanlon’s Razor, and I acknowledge the rampant incompetence that suggests its applicability, but digital security seems like about the least appropriate place to apply this rule of thumb.

          • HakFoo@lemmy.sdf.orgEnglish
            61·
            9 months ago

            As someone who has to deal with PCI compliance issues, there’s plenty of noob mistakes, out-of-date thinking and outright “let’s log this data for debugging purposes even though if any regulator found out they’d nuke us from orbit.”