Security flaws in a vital signs monitoring device from a Chinese manufacturer could allow hackers to launch an attack that spreads to all other devices connected to the same network, says Jason Sinchak of security firm Level Nine, the company that discovered the vulnerabilities.
Some of the flaws in affected Contec Medical Systems Co. equipment including hard-coded credentials are very common among the products that Sinchak and his team often evaluate for manufacturing and healthcare clients, while other Contec product vulnerabilities are more serious, he says in an interview with Information Security Media Group.