Browse all 9 CVE security advisories affecting Contec Health. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Contec Health develops medical devices and healthcare IT solutions, primarily focusing on patient monitoring systems and clinical information management. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and insecure default configurations. While no major public security incidents have been widely reported, the nine CVEs on record indicate persistent security concerns, particularly in web interfaces and communication protocols. These vulnerabilities could potentially allow unauthorized access to sensitive patient data or disruption of critical healthcare operations, highlighting the need for robust security practices in medical device deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-1204 | Contec Health CMS8000 Patient Monitor 安全漏洞 — CMS8000 Patient MonitorCWE-912 | 7.7 | - | 2025-02-25 |
| CVE-2025-0683 | Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Contec Health CMS8000 Patient Monitor — CMS8000 Patient MonitorCWE-359 | 5.9 | Medium | 2025-01-30 |
| CVE-2025-0626 | Hidden Functionality vulnerability in Contec Health CMS8000 Patient Monitor — CMS8000 Patient MonitorCWE-912 | 7.5 | High | 2025-01-30 |
| CVE-2024-12248 | Out-of-bounds Write vulnerability in Contec Health CMS8000 Patient Monitor — CMS8000 Patient MonitorCWE-787 | 9.8 | Critical | 2025-01-30 |
This page lists every published CVE security advisory associated with Contec Health. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.