CVE-2025-0683 Information

Description

In its default configuration the affected product transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a machine-in-the-middle scenario.

Reference

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-030-01