CVE-2025-0683

HIGH Year: 2025
CVSS v3 Score
5.9
Medium
Weakness Type
CWE-359
View all →

Vulnerability Description

In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a machine-in-the-middle scenario.

Related Vulnerabilities

CVE-2024-30321

HIGH
CVSS:5.9(Medium)

A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 5), SIMATIC WinCC Runtime Professional V19 (...

CWE-3592024

CVE-2024-38103

MEDIUM
CVSS:5.9(Medium)

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CWE-3592024

CVE-2025-27080

MEDIUM
CVSS:6.0(Medium)

Vulnerabilities in the command line interface of AOS-CX could allow an authenticated remote attacker to expose sensitive information. Successful exploitation could allow an attacker to gain unauthoriz...

CWE-3592025

CVE-2022-24719

MEDIUM
CVSS:6.1(Medium)

Fluture-Node is a FP-style HTTP and streaming utils for Node based on Fluture. Using `followRedirects` or `followRedirectsWith` with any of the redirection strategies built into fluture-node 4.0.0 or ...

CWE-3592022

CVE-2023-44156

MEDIUM
CVSS:5.7(Medium)

Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.

CWE-3592023

CVE-2024-49386

MEDIUM
CVSS:5.7(Medium)

Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.

CWE-3592024