This post takes us away from medical devices but can be totally applied to medical devices and has been spoken about in research. Firmware modification involved modifying the firmware to malicious ones when devices need to update! Updates are essential and in most cases are required to be connected to the Internet that results in the vulnerability - When Firmware Modifications Attack: A Case Study of Embedded Exploitation. Summarizing:

• Firmware modification attacks transcend operating system versions and instruction set architectures and can adhere to entire family of devices (networked embedded systems).
• Successfully implanted infected malware to a range of printers as well as exposed third party vulnerabilities. Exploits kernel structure and memory accesses.