Search criteria
33 vulnerabilities by Medtronic
CVE-2025-12997 (GCVE-0-2025-12997)
Vulnerability from cvelistv5 – Published: 2025-12-04 20:04 – Updated: 2025-12-09 19:39
VLAI?
Summary
Insecure Direct Object Reference vulnerability in Medtronic CareLink Network which allows an authenticated attacker with access to specific device and user information to submit web requests to an API endpoint that would expose sensitive user information. This issue affects CareLink Network: before December 4, 2025.
Severity ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Medtronic | CareLink Network |
Affected:
0 , < December 4, 2025
(custom)
|
Credits
Ionut Cernica
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12997",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T19:39:43.231608Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T19:39:49.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CareLink Network",
"vendor": "Medtronic",
"versions": [
{
"lessThan": "December 4, 2025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ionut Cernica"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insecure Direct Object Reference vulnerability in Medtronic CareLink Network which allows an authenticated attacker with access to specific device and user information to submit web requests to an API endpoint that would expose sensitive user information. This issue affects CareLink Network: before December 4, 2025."
}
],
"value": "Insecure Direct Object Reference vulnerability in Medtronic CareLink Network which allows an authenticated attacker with access to specific device and user information to submit web requests to an API endpoint that would expose sensitive user information. This issue affects CareLink Network: before December 4, 2025."
}
],
"impacts": [
{
"capecId": "CAPEC-261",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-261 Fuzzing for garnering other adjacent user/sensitive data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T20:04:26.083Z",
"orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"shortName": "Medtronic"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/carelink-network-vulnerabilities.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"assignerShortName": "Medtronic",
"cveId": "CVE-2025-12997",
"datePublished": "2025-12-04T20:04:26.083Z",
"dateReserved": "2025-11-11T03:38:47.476Z",
"dateUpdated": "2025-12-09T19:39:49.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12996 (GCVE-0-2025-12996)
Vulnerability from cvelistv5 – Published: 2025-12-04 20:04 – Updated: 2025-12-09 18:26
VLAI?
Summary
Medtronic CareLink Network allows a local attacker with access to log files on an internal API server to view plaintext passwords from errors logged under certain circumstances. This issue affects CareLink Network: before December 4, 2025.
Severity ?
4.1 (Medium)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Medtronic | CareLink Network |
Affected:
0 , < December 4, 2025
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12996",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-09T18:26:23.372646Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T18:26:32.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CareLink Network",
"vendor": "Medtronic",
"versions": [
{
"lessThan": "December 4, 2025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Medtronic CareLink Network allows a local attacker with access to log files on an internal API server to view plaintext passwords from errors logged under certain circumstances. This issue affects CareLink Network: before December 4, 2025."
}
],
"value": "Medtronic CareLink Network allows a local attacker with access to log files on an internal API server to view plaintext passwords from errors logged under certain circumstances. This issue affects CareLink Network: before December 4, 2025."
}
],
"impacts": [
{
"capecId": "CAPEC-215",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-215 Fuzzing for application mapping"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T20:04:02.695Z",
"orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"shortName": "Medtronic"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/carelink-network-vulnerabilities.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"assignerShortName": "Medtronic",
"cveId": "CVE-2025-12996",
"datePublished": "2025-12-04T20:04:02.695Z",
"dateReserved": "2025-11-11T03:38:46.667Z",
"dateUpdated": "2025-12-09T18:26:32.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12995 (GCVE-0-2025-12995)
Vulnerability from cvelistv5 – Published: 2025-12-04 20:03 – Updated: 2025-12-08 21:08
VLAI?
Summary
Medtronic CareLink Network allows an unauthenticated remote attacker to perform a brute force attack on an API endpoint that could be used to determine a valid password under certain circumstances. This issue affects CareLink Network: before December 4, 2025.
Severity ?
8.1 (High)
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Medtronic | CareLink Network |
Affected:
0 , < December 4, 2025
(custom)
|
Credits
Bernhard Lorenz
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12995",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-08T21:08:39.951215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-08T21:08:48.839Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CareLink Network",
"vendor": "Medtronic",
"versions": [
{
"lessThan": "December 4, 2025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bernhard Lorenz"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Medtronic CareLink Network allows an unauthenticated remote attacker to perform a brute force attack on an API endpoint that could be used to determine a valid password under certain circumstances. This issue affects CareLink Network: before December 4, 2025."
}
],
"value": "Medtronic CareLink Network allows an unauthenticated remote attacker to perform a brute force attack on an API endpoint that could be used to determine a valid password under certain circumstances. This issue affects CareLink Network: before December 4, 2025."
}
],
"impacts": [
{
"capecId": "CAPEC-49",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-49 Password Brute Forcing"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T20:03:00.854Z",
"orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"shortName": "Medtronic"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/carelink-network-vulnerabilities.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"assignerShortName": "Medtronic",
"cveId": "CVE-2025-12995",
"datePublished": "2025-12-04T20:03:00.854Z",
"dateReserved": "2025-11-11T03:38:45.676Z",
"dateUpdated": "2025-12-08T21:08:48.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12994 (GCVE-0-2025-12994)
Vulnerability from cvelistv5 – Published: 2025-12-04 20:02 – Updated: 2025-12-08 21:02
VLAI?
Summary
Medtronic CareLink Network allows an unauthenticated remote attacker to initiate a request for security questions to an API endpoint that could be used to determine a valid user account. This issue affects CareLink Network: before December 4, 2025.
Severity ?
5.3 (Medium)
CWE
- CWE-204 - Observable Response Discrepancy
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Medtronic | CareLink Network |
Affected:
0 , < December 4, 2025
(custom)
|
Credits
Bernhard Lorenz
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-08T21:02:40.658602Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-08T21:02:50.241Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CareLink Network",
"vendor": "Medtronic",
"versions": [
{
"lessThan": "December 4, 2025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bernhard Lorenz"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Medtronic CareLink Network allows an unauthenticated remote attacker to initiate a request for security questions to an API endpoint that could be used to determine a valid user account. This issue affects CareLink Network: before December 4, 2025."
}
],
"value": "Medtronic CareLink Network allows an unauthenticated remote attacker to initiate a request for security questions to an API endpoint that could be used to determine a valid user account. This issue affects CareLink Network: before December 4, 2025."
}
],
"impacts": [
{
"capecId": "CAPEC-575",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-575: Account Footprinting"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-204",
"description": "CWE-204 Observable Response Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T20:02:06.492Z",
"orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"shortName": "Medtronic"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/carelink-network-vulnerabilities.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"assignerShortName": "Medtronic",
"cveId": "CVE-2025-12994",
"datePublished": "2025-12-04T20:02:06.492Z",
"dateReserved": "2025-11-11T03:38:43.879Z",
"dateUpdated": "2025-12-08T21:02:50.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-4395 (GCVE-0-2025-4395)
Vulnerability from cvelistv5 – Published: 2025-07-24 03:30 – Updated: 2025-07-24 13:18
VLAI?
Title
Medtronic MyCareLink Patient Monitor Empty Password Vulnerability
Summary
Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality.
This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025
Severity ?
6.8 (Medium)
CWE
- CWE-258 - Empty Password in Configuration File
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Medtronic | MyCareLink Patient Monitor 24950 |
Affected:
0 , < June 25, 2025
(custom)
|
|||||||
|
|||||||||
Credits
Ethan Morchy, with Somerset Recon
Carl Mann, independent researcher
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4395",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-24T13:18:46.616820Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-24T13:18:56.146Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MyCareLink Patient Monitor 24950",
"vendor": "Medtronic",
"versions": [
{
"lessThan": "June 25, 2025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MyCareLink Patient Monitor 24952",
"vendor": "Medtronic",
"versions": [
{
"lessThan": "June 25, 2025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ethan Morchy, with Somerset Recon"
},
{
"lang": "en",
"type": "finder",
"value": "Carl Mann, independent researcher"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. \u003cbr\u003e\u003cbr\u003eThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025\u003cbr\u003e"
}
],
"value": "Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. \n\nThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-258",
"description": "CWE-258 Empty Password in Configuration File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-24T03:30:24.185Z",
"orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"shortName": "Medtronic"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Medtronic MyCareLink Patient Monitor Empty Password Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"assignerShortName": "Medtronic",
"cveId": "CVE-2025-4395",
"datePublished": "2025-07-24T03:30:24.185Z",
"dateReserved": "2025-05-06T20:01:00.625Z",
"dateUpdated": "2025-07-24T13:18:56.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4394 (GCVE-0-2025-4394)
Vulnerability from cvelistv5 – Published: 2025-07-24 03:26 – Updated: 2025-07-24 13:19
VLAI?
Title
Medtronic MyCareLink Patient Monitor Unencrypted Filesystem Vulnerability
Summary
Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files.
This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025
Severity ?
6.8 (Medium)
CWE
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Medtronic | MyCareLink Patient Monitor 24950 |
Affected:
0 , < June 25, 2025
(custom)
|
|||||||
|
|||||||||
Credits
Ethan Morchy, with Somerset Recon
Carl Mann, independent researcher
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4394",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-24T13:19:43.967176Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-24T13:19:47.565Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MyCareLink Patient Monitor 24950",
"vendor": "Medtronic",
"versions": [
{
"lessThan": "June 25, 2025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MyCareLink Patient Monitor 24952",
"vendor": "Medtronic",
"versions": [
{
"lessThan": "June 25, 2025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ethan Morchy, with Somerset Recon"
},
{
"lang": "en",
"type": "finder",
"value": "Carl Mann, independent researcher"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. \u003cbr\u003e\u003cbr\u003eThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025\u003cbr\u003e"
}
],
"value": "Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. \n\nThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-24T03:26:06.706Z",
"orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"shortName": "Medtronic"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Medtronic MyCareLink Patient Monitor Unencrypted Filesystem Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"assignerShortName": "Medtronic",
"cveId": "CVE-2025-4394",
"datePublished": "2025-07-24T03:26:06.706Z",
"dateReserved": "2025-05-06T20:00:59.768Z",
"dateUpdated": "2025-07-24T13:19:47.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4393 (GCVE-0-2025-4393)
Vulnerability from cvelistv5 – Published: 2025-07-24 03:22 – Updated: 2025-07-24 14:33
VLAI?
Title
Medtronic MyCareLink Patient Monitor Deserialization Vulnerability
Summary
Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or elevate privileges.
This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025
Severity ?
6.5 (Medium)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Medtronic | MyCareLink Patient Monitor 24950 |
Affected:
0 , < June 25, 2025
(custom)
|
|||||||
|
|||||||||
Credits
Ethan Morchy, with Somerset Recon
Carl Mann, independent researcher
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4393",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-24T14:33:13.440835Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-24T14:33:18.381Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MyCareLink Patient Monitor 24950",
"vendor": "Medtronic",
"versions": [
{
"lessThan": "June 25, 2025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MyCareLink Patient Monitor 24952",
"vendor": "Medtronic",
"versions": [
{
"lessThan": "June 25, 2025",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ethan Morchy, with Somerset Recon"
},
{
"lang": "en",
"type": "finder",
"value": "Carl Mann, independent researcher"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or elevate privileges. \u003cbr\u003e\u003cbr\u003eThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025\u003cbr\u003e"
}
],
"value": "Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or elevate privileges. \n\nThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-24T03:22:20.208Z",
"orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"shortName": "Medtronic"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Medtronic MyCareLink Patient Monitor Deserialization Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"assignerShortName": "Medtronic",
"cveId": "CVE-2025-4393",
"datePublished": "2025-07-24T03:22:20.208Z",
"dateReserved": "2025-05-06T20:00:56.804Z",
"dateUpdated": "2025-07-24T14:33:18.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-31222 (GCVE-0-2023-31222)
Vulnerability from cvelistv5 – Published: 2023-06-29 15:19 – Updated: 2024-11-26 19:27
VLAI?
Title
Medtronic Paceart MSMQ Deserialization of Untrusted Data
Summary
Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or modified, or the Paceart Optima system being used for further network penetration via network connectivity.
Severity ?
9.8 (Critical)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Medtronic | Paceart Optima |
Affected:
Versions 1.11 and earlier
|
Credits
Medtronic
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:53:30.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-optima-system.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-31222",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T19:27:12.478014Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T19:27:36.479Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Paceart Optima ",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "Versions 1.11 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Medtronic"
}
],
"datePublic": "2023-06-29T15:05:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Deserialization of untrusted data\u0026nbsp;in Microsoft Messaging Queuing Service in Medtronic\u0027s Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;healthcare delivery organization\u2019s Paceart Optima system\u0026nbsp;cardiac device causing data to be deleted, stolen, or modified, or the Paceart Optima system being used for further network penetration\u003c/span\u003e\u0026nbsp;via network connectivity."
}
],
"value": "Deserialization of untrusted data\u00a0in Microsoft Messaging Queuing Service in Medtronic\u0027s Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a\u00a0healthcare delivery organization\u2019s Paceart Optima system\u00a0cardiac device causing data to be deleted, stolen, or modified, or the Paceart Optima system being used for further network penetration\u00a0via network connectivity."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-29T15:24:24.829Z",
"orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"shortName": "Medtronic"
},
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-optima-system.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Refer to Medtronic Security Bulletin:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-optima-system.html\"\u003ehttps://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-optima-system.html\u003c/a\u003e"
}
],
"value": "Refer to Medtronic Security Bulletin:\u00a0 https://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-optima-system.html https://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-optima-system.html "
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Medtronic Paceart MSMQ Deserialization of Untrusted Data",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nRefer to Medtronic Security Bulletin: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-optima-system.html\"\u003ehttps://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-optima-system.html\u003c/a\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nRefer to Medtronic Security Bulletin: https://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-optima-system.html https://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-optima-system.html \n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"assignerShortName": "Medtronic",
"cveId": "CVE-2023-31222",
"datePublished": "2023-06-29T15:19:22.621Z",
"dateReserved": "2023-04-25T17:42:44.778Z",
"dateUpdated": "2024-11-26T19:27:36.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25931 (GCVE-0-2023-25931)
Vulnerability from cvelistv5 – Published: 2023-03-01 18:56 – Updated: 2025-03-07 21:34
VLAI?
Title
Medtronic Micro Clinician & InterStim X Clinician App Password Reset Issue
Summary
Medtronic identified that the Pelvic Health clinician apps, which are installed on the Smart Programmer mobile device, have a password vulnerability that requires a security update to fix. Not updating could potentially result in unauthorized control of the clinician therapy application, which has greater control over therapy parameters than the patient app. Changes still cannot be made outside of the established therapy parameters of the programmer. For unauthorized access to occur, an individual would need physical access to the Smart Programmer.
Severity ?
6.4 (Medium)
CWE
- CWE-620 - Unverified Password Change
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Medtronic | InsterStim Applications |
Affected:
Micro Clinician , < A51200
(custom)
Affected: InterStim X Clinician , < A51300 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:05.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/pelvic-health-interstim-micro.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25931",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-07T21:34:21.835531Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-07T21:34:37.484Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "InsterStim Applications",
"vendor": "Medtronic",
"versions": [
{
"lessThan": "A51200",
"status": "affected",
"version": "Micro Clinician ",
"versionType": "custom"
},
{
"lessThan": "A51300",
"status": "affected",
"version": "InterStim X Clinician",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-03-02T20:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Medtronic identified that the Pelvic Health clinician apps, which are installed on the Smart Programmer mobile device, have a password vulnerability that requires a security update to fix. Not updating could potentially result in unauthorized control of the clinician therapy application, which has greater control over therapy parameters than the patient app. Changes still cannot be made outside of the established therapy parameters of the programmer. For unauthorized access to occur, an individual would need physical access to the Smart Programmer. \u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Medtronic identified that the Pelvic Health clinician apps, which are installed on the Smart Programmer mobile device, have a password vulnerability that requires a security update to fix. Not updating could potentially result in unauthorized control of the clinician therapy application, which has greater control over therapy parameters than the patient app. Changes still cannot be made outside of the established therapy parameters of the programmer. For unauthorized access to occur, an individual would need physical access to the Smart Programmer. \n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No known exploits.\u0026nbsp;"
}
],
"value": "No known exploits.\u00a0"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-620",
"description": "CWE-620: Unverified Password Change",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-01T18:56:30.093Z",
"orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"shortName": "Medtronic"
},
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/pelvic-health-interstim-micro.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Current versions of the application has mitigated this vulnerability. Please refer to the Medtronic Security Bulletin for update guidance.\u0026nbsp;\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Current versions of the application has mitigated this vulnerability. Please refer to the Medtronic Security Bulletin for update guidance.\u00a0\n\n"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Medtronic Micro Clinician \u0026 InterStim X Clinician App Password Reset Issue",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"assignerShortName": "Medtronic",
"cveId": "CVE-2023-25931",
"datePublished": "2023-03-01T18:56:30.093Z",
"dateReserved": "2023-02-16T17:24:51.595Z",
"dateUpdated": "2025-03-07T21:34:37.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32537 (GCVE-0-2022-32537)
Vulnerability from cvelistv5 – Published: 2022-11-17 20:47 – Updated: 2025-04-29 14:44
VLAI?
Title
Medtronic MiniMed 600 Series Pump System Communication Issue
Summary
A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced technical knowledge is required for exploitation. Please refer to the Medtronic Product Security Bulletin for guidance
Severity ?
4.8 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Medtronic | Minimed 600 Series Insulin Pump |
Affected:
620G, 630G, 640G, 670G
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:46:43.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-263-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed-600-series-communication-issue.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-32537",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-29T14:44:04.441292Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-29T14:44:21.348Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Minimed 600 Series Insulin Pump",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "620G, 630G, 640G, 670G"
}
]
}
],
"datePublic": "2022-09-20T19:31:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced technical knowledge is required for exploitation. Please refer to the Medtronic Product Security Bulletin for guidance\u003cbr\u003e"
}
],
"value": "A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced technical knowledge is required for exploitation. Please refer to the Medtronic Product Security Bulletin for guidance\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-12T12:51:56.582Z",
"orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"shortName": "Medtronic"
},
"references": [
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-263-01"
},
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed-600-series-communication-issue.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Medtronic MiniMed 600 Series Pump System Communication Issue",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
"assignerShortName": "Medtronic",
"cveId": "CVE-2022-32537",
"datePublished": "2022-11-17T20:47:05.258Z",
"dateReserved": "2022-06-07T21:26:39.432Z",
"dateUpdated": "2025-04-29T14:44:21.348Z",
"requesterUserId": "520cc88b-a1c8-44f6-9154-21a4d74c769f",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-27252 (GCVE-0-2020-27252)
Vulnerability from cvelistv5 – Published: 2020-12-14 19:19 – Updated: 2025-05-22 19:39
VLAI?
Title
Medtronic MyCareLink Smart Time-of-check Time-of-use Race Condition
Summary
Medtronic MyCareLink Smart 25000 is
vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited, an attacker could remotely execute code on the MCL Smart Patient Reader device, leading to control of the device.
Severity ?
8.8 (High)
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Medtronic | Smart Model 25000 Patient Reader |
Affected:
All versions
|
Credits
Sternum, based in Tel Aviv, Israel, discovered and initially reported these vulnerabilities to Medtronic.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:11:36.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Smart Model 25000 Patient Reader",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sternum, based in Tel Aviv, Israel, discovered and initially reported these vulnerabilities to Medtronic."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic MyCareLink Smart 25000 is \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited, an attacker could remotely execute code on the MCL Smart Patient Reader device, leading to control of the device.\u003c/span\u003e\n\n\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Medtronic MyCareLink Smart 25000 is \n\nvulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited, an attacker could remotely execute code on the MCL Smart Patient Reader device, leading to control of the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T19:39:10.747Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-smart-security-vulnerability-patch.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-345-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.\u003c/p\u003e\u003cp\u003eMedtronic has released additional \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003epatient focused information\u003c/a\u003e: \u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/xg-en/product-security/security-bulletins.html\"\u003ehttps://www.medtronic.com/xg-en/product-security/security-bulletins.html \u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "A firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.\n\nMedtronic has released additional patient focused information https://www.medtronic.com/security : \n\n https://www.medtronic.com/xg-en/product-security/security-bulletins.html https://www.medtronic.com/xg-en/product-security/security-bulletins.html"
}
],
"source": {
"advisory": "ICSMA-20-345-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic MyCareLink Smart Time-of-check Time-of-use Race Condition",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMedtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.\u003c/li\u003e\u003cli\u003eMedtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical control over home monitors.\u003cul\u003e\u003cli\u003eThis includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003cli\u003eUse only home monitors obtained directly from your healthcare provider or a Medtronic representative.\u003c/li\u003e\u003cli\u003ePatients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "In response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:\n\n * Medtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.\n * Medtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.\n\n\nMedtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:\n\n * Maintain good physical control over home monitors. * This includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\n\n\n\n * Use only home monitors obtained directly from your healthcare provider or a Medtronic representative.\n * Patients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.\n\n\nReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-25183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic MyCareLink Smart 25000 Reader",
"version": {
"version_data": [
{
"version_value": "Smart 25000 all versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the method used to auth between MCL Smart Patient Reader and MyCareLink Smart mobile app is vulnerable to bypass. This vuln allows attacker to use other mobile device or malicious app on smartphone to auth to the patient\u2019s Smart Reader, fools the device into thinking its communicating with the actual smart phone application when executed in range of Bluetooth."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER AUTHENTICATION CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-27252",
"datePublished": "2020-12-14T19:19:00",
"dateReserved": "2020-10-19T00:00:00",
"dateUpdated": "2025-05-22T19:39:10.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-25187 (GCVE-0-2020-25187)
Vulnerability from cvelistv5 – Published: 2020-12-14 19:18 – Updated: 2025-05-22 19:37
VLAI?
Title
Medtronic MyCareLink Smart Heap-based Buffer Overflow
Summary
Medtronic MyCareLink Smart 25000 is
vulnerable when an authenticated attacker runs a debug command, which can be sent to the patient reader and cause a heap overflow event within the MCL Smart Patient Reader software stack. The heap overflow could allow an attacker to remotely execute code on the MCL Smart Patient Reader, potentially leading to control of the device
Severity ?
8.8 (High)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Medtronic | Smart Model 25000 Patient Reader |
Affected:
All versions
|
Credits
Sternum, based in Tel Aviv, Israel, discovered and initially reported these vulnerabilities to Medtronic.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:26:10.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Smart Model 25000 Patient Reader",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sternum, based in Tel Aviv, Israel, discovered and initially reported these vulnerabilities to Medtronic."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic MyCareLink Smart 25000 is \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;vulnerable when an authenticated attacker runs a debug command, which can be sent to the patient reader and cause a heap overflow event within the MCL Smart Patient Reader software stack. The heap overflow could allow an attacker to remotely execute code on the MCL Smart Patient Reader, potentially leading to control of the device\u003c/span\u003e\n\n\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Medtronic MyCareLink Smart 25000 is \n\n\u00a0vulnerable when an authenticated attacker runs a debug command, which can be sent to the patient reader and cause a heap overflow event within the MCL Smart Patient Reader software stack. The heap overflow could allow an attacker to remotely execute code on the MCL Smart Patient Reader, potentially leading to control of the device"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T19:37:12.795Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-smart-security-vulnerability-patch.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-345-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.\u003c/p\u003e\u003cp\u003eMedtronic has released additional \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003epatient focused information\u003c/a\u003e: \u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/xg-en/product-security/security-bulletins.html\"\u003ehttps://www.medtronic.com/xg-en/product-security/security-bulletins.html \u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "A firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.\n\nMedtronic has released additional patient focused information https://www.medtronic.com/security : \n\n https://www.medtronic.com/xg-en/product-security/security-bulletins.html https://www.medtronic.com/xg-en/product-security/security-bulletins.html"
}
],
"source": {
"advisory": "ICSMA-20-345-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic MyCareLink Smart Heap-based Buffer Overflow",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMedtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.\u003c/li\u003e\u003cli\u003eMedtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical control over home monitors.\u003cul\u003e\u003cli\u003eThis includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003cli\u003eUse only home monitors obtained directly from your healthcare provider or a Medtronic representative.\u003c/li\u003e\u003cli\u003ePatients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "In response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:\n\n * Medtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.\n * Medtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.\n\n\nMedtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:\n\n * Maintain good physical control over home monitors. * This includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\n\n\n\n * Use only home monitors obtained directly from your healthcare provider or a Medtronic representative.\n * Patients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.\n\n\nReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-25183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic MyCareLink Smart 25000 Reader",
"version": {
"version_data": [
{
"version_value": "Smart 25000 all versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the method used to auth between MCL Smart Patient Reader and MyCareLink Smart mobile app is vulnerable to bypass. This vuln allows attacker to use other mobile device or malicious app on smartphone to auth to the patient\u2019s Smart Reader, fools the device into thinking its communicating with the actual smart phone application when executed in range of Bluetooth."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER AUTHENTICATION CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-25187",
"datePublished": "2020-12-14T19:18:52",
"dateReserved": "2020-09-04T00:00:00",
"dateUpdated": "2025-05-22T19:37:12.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-25183 (GCVE-0-2020-25183)
Vulnerability from cvelistv5 – Published: 2020-12-14 19:18 – Updated: 2025-05-22 19:34
VLAI?
Title
Medtronic MyCareLink Smart Improper Authentication
Summary
Medtronic MyCareLink Smart 25000 contains
an authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app is vulnerable to bypass. This vulnerability enables an attacker to use another mobile device or malicious application on the patient’s smartphone to authenticate to the patient’s Medtronic Smart Reader, fooling the device into believing it is communicating with the original Medtronic smart phone application when executed within range of Bluetooth communication.
Severity ?
CWE
- CWE-287 - Improper Authentication
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Medtronic | Smart Model 25000 Patient Reader |
Affected:
All versions
|
Credits
Sternum, based in Tel Aviv, Israel, discovered and initially reported these vulnerabilities to Medtronic.
Eric Gustafson, Sara Rampazzi, Paul Grosen, Christopher Kruegel, and Giovanni Vigna from the University of California Santa Barbara, University of Florida, and University of Michigan
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:26:09.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Smart Model 25000 Patient Reader",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sternum, based in Tel Aviv, Israel, discovered and initially reported these vulnerabilities to Medtronic."
},
{
"lang": "en",
"type": "finder",
"value": "Eric Gustafson, Sara Rampazzi, Paul Grosen, Christopher Kruegel, and Giovanni Vigna from the University of California Santa Barbara, University of Florida, and University of Michigan"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic MyCareLink Smart 25000 contains \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ean authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app is vulnerable to bypass. This vulnerability enables an attacker to use another mobile device or malicious application on the patient\u2019s smartphone to authenticate to the patient\u2019s Medtronic Smart Reader, fooling the device into believing it is communicating with the original Medtronic smart phone application when executed within range of Bluetooth communication.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Medtronic MyCareLink Smart 25000 contains \n\nan authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app is vulnerable to bypass. This vulnerability enables an attacker to use another mobile device or malicious application on the patient\u2019s smartphone to authenticate to the patient\u2019s Medtronic Smart Reader, fooling the device into believing it is communicating with the original Medtronic smart phone application when executed within range of Bluetooth communication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T19:34:29.069Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-smart-security-vulnerability-patch.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-345-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.\u003c/p\u003e\u003cp\u003eMedtronic has released additional \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003epatient focused information\u003c/a\u003e: \u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/xg-en/product-security/security-bulletins.html\"\u003ehttps://www.medtronic.com/xg-en/product-security/security-bulletins.html \u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "A firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.\n\nMedtronic has released additional patient focused information https://www.medtronic.com/security : \n\n https://www.medtronic.com/xg-en/product-security/security-bulletins.html https://www.medtronic.com/xg-en/product-security/security-bulletins.html"
}
],
"source": {
"advisory": "ICSMA-20-345-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic MyCareLink Smart Improper Authentication",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMedtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.\u003c/li\u003e\u003cli\u003eMedtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical control over home monitors.\u003cul\u003e\u003cli\u003eThis includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003cli\u003eUse only home monitors obtained directly from your healthcare provider or a Medtronic representative.\u003c/li\u003e\u003cli\u003ePatients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "In response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:\n\n * Medtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.\n * Medtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.\n\n\nMedtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:\n\n * Maintain good physical control over home monitors. * This includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\n\n\n\n * Use only home monitors obtained directly from your healthcare provider or a Medtronic representative.\n * Patients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.\n\n\nReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2020-25183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic MyCareLink Smart 25000 Reader",
"version": {
"version_data": [
{
"version_value": "Smart 25000 all versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the method used to auth between MCL Smart Patient Reader and MyCareLink Smart mobile app is vulnerable to bypass. This vuln allows attacker to use other mobile device or malicious app on smartphone to auth to the patient\u2019s Smart Reader, fools the device into thinking its communicating with the actual smart phone application when executed in range of Bluetooth."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER AUTHENTICATION CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2020-25183",
"datePublished": "2020-12-14T19:18:44",
"dateReserved": "2020-09-04T00:00:00",
"dateUpdated": "2025-05-22T19:34:29.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13531 (GCVE-0-2019-13531)
Vulnerability from cvelistv5 – Published: 2019-11-08 19:46 – Updated: 2025-05-22 18:37
VLAI?
Title
Medtronic Valleylab FT10 and LS10 Improper Authentication
Summary
In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN—not available in the United States) version 1.20.2 and lower, the RFID security mechanism used for authentication between the FT10/LS10 Energy Platform and instruments can be bypassed, allowing for inauthentic instruments to connect to the generator.
Severity ?
4.8 (Medium)
CWE
- CWE-287 - Improper Authentication
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Medtronic | Valleylab FT10 Energy Platform (VLFT10GEN) |
Affected:
0 , ≤ 2.1.0
(custom)
Affected: 0 , ≤ 2.0.3 (custom) |
|||||||
|
|||||||||
Credits
Medtronic reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:39.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Valleylab FT10 Energy Platform (VLFT10GEN)",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "2.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valleylab LS10 Energy Platform (VLLS10GEN\u2014not available in the United States)",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "1.20.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Medtronic reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN\u2014not available in the United States) version 1.20.2 and lower, the RFID security mechanism used for authentication between the FT10/LS10 Energy Platform and instruments can be bypassed, allowing for inauthentic instruments to connect to the generator.\u003c/p\u003e"
}
],
"value": "In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN\u2014not available in the United States) version 1.20.2 and lower, the RFID security mechanism used for authentication between the FT10/LS10 Energy Platform and instruments can be bypassed, allowing for inauthentic instruments to connect to the generator."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T18:37:04.526Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/valleylab-generator-rfid-vulnerabilities.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-19-311-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA software patch is available now for the affected Valleylab platforms. If you suspect you are in possession of an instrument that is not FDA approved or cleared to be used with Medtronic Valleylab FT10 or LS10, please contact Medtronic or your medical device supplier. If you have concerns about FDA clearance or approval of current or future instruments, please contact your medical device supplier. Please contact \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/covidien/en-us/support/software.html\"\u003eMedtronic\u003c/a\u003e\u0026nbsp;to obtain the software patch.\u003c/p\u003e\u003cp\u003eMedtronic has released additional patient focused information at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "A software patch is available now for the affected Valleylab platforms. If you suspect you are in possession of an instrument that is not FDA approved or cleared to be used with Medtronic Valleylab FT10 or LS10, please contact Medtronic or your medical device supplier. If you have concerns about FDA clearance or approval of current or future instruments, please contact your medical device supplier. Please contact https://www.medtronic.com/security"
}
],
"source": {
"advisory": "ICSMA-19-311-01",
"discovery": "INTERNAL"
},
"title": "Medtronic Valleylab FT10 and LS10 Improper Authentication",
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-13531",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Valleylab FT10 Energy Platform (VLFT10GEN)",
"version": {
"version_data": [
{
"version_value": "version 2.1.0 and lower"
},
{
"version_value": "version 2.0.3 and lower"
}
]
}
},
{
"product_name": "Valleylab LS10 Energy Platform (VLLS10GEN\u2014not available in the United States)",
"version": {
"version_data": [
{
"version_value": "version 1.20.2 and lower"
}
]
}
}
]
},
"vendor_name": "Medtronic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN\u2014not available in the United States) version 1.20.2 and lower, the RFID security mechanism used for authentication between the FT10/LS10 Energy Platform and instruments can be bypassed, allowing for inauthentic instruments to connect to the generator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER AUTHENTICATION CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsma-19-311-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-13531",
"datePublished": "2019-11-08T19:46:45",
"dateReserved": "2019-07-11T00:00:00",
"dateUpdated": "2025-05-22T18:37:04.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13535 (GCVE-0-2019-13535)
Vulnerability from cvelistv5 – Published: 2019-11-08 19:45 – Updated: 2025-05-22 18:39
VLAI?
Title
Medtronic Valleylab FT10 and LS10 Protection Mechanism Failure
Summary
In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN—not available in the United States) version 1.20.2 and lower, the RFID security mechanism does not apply read protection, allowing for full read access of the RFID security mechanism data.
Severity ?
4.6 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Medtronic | Valleylab FT10 Energy Platform (VLFT10GEN) |
Affected:
0 , ≤ 2.1.0
(custom)
Affected: 0 , ≤ 2.0.3 (custom) |
|||||||
|
|||||||||
Credits
Medtronic reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:39.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Valleylab FT10 Energy Platform (VLFT10GEN)",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "2.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "2.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valleylab LS10 Energy Platform (VLLS10GEN\u2014not available in the United States)",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "1.20.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Medtronic reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\nIn Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN\u2014not available in the United States) version 1.20.2 and lower, the RFID security mechanism does not apply read protection, allowing for full read access of the RFID security mechanism data.\n\n\u003c/p\u003e"
}
],
"value": "In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN\u2014not available in the United States) version 1.20.2 and lower, the RFID security mechanism does not apply read protection, allowing for full read access of the RFID security mechanism data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T18:39:28.797Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/valleylab-generator-rfid-vulnerabilities.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-19-311-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA software patch is available now for the affected Valleylab platforms. If you suspect you are in possession of an instrument that is not FDA approved or cleared to be used with Medtronic Valleylab FT10 or LS10, please contact Medtronic or your medical device supplier. If you have concerns about FDA clearance or approval of current or future instruments, please contact your medical device supplier. Please contact \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/covidien/en-us/support/software.html\"\u003eMedtronic\u003c/a\u003e\u0026nbsp;to obtain the software patch.\u003c/p\u003e\u003cp\u003eMedtronic has released additional patient focused information at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "A software patch is available now for the affected Valleylab platforms. If you suspect you are in possession of an instrument that is not FDA approved or cleared to be used with Medtronic Valleylab FT10 or LS10, please contact Medtronic or your medical device supplier. If you have concerns about FDA clearance or approval of current or future instruments, please contact your medical device supplier. Please contact https://www.medtronic.com/security"
}
],
"source": {
"advisory": "ICSMA-19-311-01",
"discovery": "INTERNAL"
},
"title": "Medtronic Valleylab FT10 and LS10 Protection Mechanism Failure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-13531",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Valleylab FT10 Energy Platform (VLFT10GEN)",
"version": {
"version_data": [
{
"version_value": "version 2.1.0 and lower"
},
{
"version_value": "version 2.0.3 and lower"
}
]
}
},
{
"product_name": "Valleylab LS10 Energy Platform (VLLS10GEN\u2014not available in the United States)",
"version": {
"version_data": [
{
"version_value": "version 1.20.2 and lower"
}
]
}
}
]
},
"vendor_name": "Medtronic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3 and lower, and Valleylab LS10 Energy Platform (VLLS10GEN\u2014not available in the United States) version 1.20.2 and lower, the RFID security mechanism used for authentication between the FT10/LS10 Energy Platform and instruments can be bypassed, allowing for inauthentic instruments to connect to the generator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER AUTHENTICATION CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsma-19-311-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-13535",
"datePublished": "2019-11-08T19:45:55",
"dateReserved": "2019-07-11T00:00:00",
"dateUpdated": "2025-05-22T18:39:28.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13539 (GCVE-0-2019-13539)
Vulnerability from cvelistv5 – Published: 2019-11-08 19:07 – Updated: 2025-05-22 19:06
VLAI?
Title
Medtronic Valleylab FT10 and FX8 Reversible One-way Hash
Summary
Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use the descrypt algorithm for OS password hashing. While interactive, network-based logons are disabled, and attackers can use the other vulnerabilities within this report to obtain local shell access and access these hashes.
Severity ?
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Medtronic | Valleylab Exchange Client |
Affected:
0 , ≤ 3.4
(c)
|
||||||||||||
|
||||||||||||||
Credits
Medtronic reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:39.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Valleylab Exchange Client",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "3.4",
"status": "affected",
"version": "0",
"versionType": "c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valleylab FT10 Energy Platform (VLFT10GEN)",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "software version 4.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valleylab FX8 Energy Platform (VLFX8GEN)",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "software version 1.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Medtronic reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\nMedtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use the descrypt algorithm for OS password hashing. While interactive, network-based logons are disabled, and attackers can use the other vulnerabilities within this report to obtain local shell access and access these hashes.\n\n\u003c/p\u003e"
}
],
"value": "Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use the descrypt algorithm for OS password hashing. While interactive, network-based logons are disabled, and attackers can use the other vulnerabilities within this report to obtain local shell access and access these hashes."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-328",
"description": "CWE-328",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T19:06:39.644Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-19-311-02"
},
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/valleylab-generator-rfid-vulnerabilities.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSoftware patches are currently available for the FT10 platform and will be available in early 2020 for the FX8 platform. Until these updates can be applied, Medtronic recommends to either disconnect affected products from IP networks or to segregate those networks, such that the devices are not accessible from an untrusted network (e.g., Internet). Patches can be downloaded at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/covidien/en-us/support/software.html\"\u003ehttps://www.medtronic.com/covidien/en-us/support/software.html\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMedtronic has released additional patient focused information, at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Software patches are currently available for the FT10 platform and will be available in early 2020 for the FX8 platform. Until these updates can be applied, Medtronic recommends to either disconnect affected products from IP networks or to segregate those networks, such that the devices are not accessible from an untrusted network (e.g., Internet). Patches can be downloaded at the following location:\n\n https://www.medtronic.com/covidien/en-us/support/software.html \n\nMedtronic has released additional patient focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"source": {
"advisory": "ICSMA-19-311-02",
"discovery": "INTERNAL"
},
"title": "Medtronic Valleylab FT10 and FX8 Reversible One-way Hash",
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-13543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Valleylab Exchange Client",
"version": {
"version_data": [
{
"version_value": "version 3.4 and below"
}
]
}
},
{
"product_name": "Valleylab FT10 Energy Platform (VLFT10GEN)",
"version": {
"version_data": [
{
"version_value": "software version 4.0.0 and below"
}
]
}
},
{
"product_name": "Valleylab FX8 Energy Platform (VLFX8GEN)",
"version": {
"version_data": [
{
"version_value": "software version 1.1.0 and below"
}
]
}
}
]
},
"vendor_name": "Medtronic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use multiple sets of hard-coded credentials. If discovered, they can be used to read files on the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF HARD-CODED CREDENTIALS CWE-798"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-13539",
"datePublished": "2019-11-08T19:07:59",
"dateReserved": "2019-07-11T00:00:00",
"dateUpdated": "2025-05-22T19:06:39.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13543 (GCVE-0-2019-13543)
Vulnerability from cvelistv5 – Published: 2019-11-08 19:03 – Updated: 2025-05-22 19:03
VLAI?
Title
Medtronic Valleylab FT10 and FX8 Use of Hard-coded Credentials
Summary
Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use multiple sets of hard-coded credentials. If discovered, they can be used to read files on the device.
Severity ?
5.8 (Medium)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Medtronic | Valleylab Exchange Client |
Affected:
0 , ≤ 3.4
(c)
|
||||||||||||
|
||||||||||||||
Credits
Medtronic reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:39.230Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Valleylab Exchange Client",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "3.4",
"status": "affected",
"version": "0",
"versionType": "c"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valleylab FT10 Energy Platform (VLFT10GEN)",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "software version 4.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Valleylab FX8 Energy Platform (VLFX8GEN)",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "software version 1.1.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Medtronic reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use multiple sets of hard-coded credentials. If discovered, they can be used to read files on the device.\u003c/p\u003e"
}
],
"value": "Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use multiple sets of hard-coded credentials. If discovered, they can be used to read files on the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T19:03:49.976Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-19-311-02"
},
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/valleylab-generator-rfid-vulnerabilities.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSoftware patches are currently available for the FT10 platform and will be available in early 2020 for the FX8 platform. Until these updates can be applied, Medtronic recommends to either disconnect affected products from IP networks or to segregate those networks, such that the devices are not accessible from an untrusted network (e.g., Internet). Patches can be downloaded at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/covidien/en-us/support/software.html\"\u003ehttps://www.medtronic.com/covidien/en-us/support/software.html\u003c/a\u003e\u003c/p\u003e\u003cp\u003eMedtronic has released additional patient focused information, at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Software patches are currently available for the FT10 platform and will be available in early 2020 for the FX8 platform. Until these updates can be applied, Medtronic recommends to either disconnect affected products from IP networks or to segregate those networks, such that the devices are not accessible from an untrusted network (e.g., Internet). Patches can be downloaded at the following location:\n\n https://www.medtronic.com/covidien/en-us/support/software.html \n\nMedtronic has released additional patient focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"source": {
"advisory": "ICSMA-19-311-02",
"discovery": "INTERNAL"
},
"title": "Medtronic Valleylab FT10 and FX8 Use of Hard-coded Credentials",
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-13543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Valleylab Exchange Client",
"version": {
"version_data": [
{
"version_value": "version 3.4 and below"
}
]
}
},
{
"product_name": "Valleylab FT10 Energy Platform (VLFT10GEN)",
"version": {
"version_data": [
{
"version_value": "software version 4.0.0 and below"
}
]
}
},
{
"product_name": "Valleylab FX8 Energy Platform (VLFX8GEN)",
"version": {
"version_data": [
{
"version_value": "software version 1.1.0 and below"
}
]
}
}
]
},
"vendor_name": "Medtronic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use multiple sets of hard-coded credentials. If discovered, they can be used to read files on the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF HARD-CODED CREDENTIALS CWE-798"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-13543",
"datePublished": "2019-11-08T19:03:51",
"dateReserved": "2019-07-11T00:00:00",
"dateUpdated": "2025-05-22T19:03:49.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10964 (GCVE-0-2019-10964)
Vulnerability from cvelistv5 – Published: 2019-06-28 20:58 – Updated: 2025-05-22 18:29
VLAI?
Title
Medtronic MiniMed 508 and Paradigm Series Insulin Pumps Improper Access Control
Summary
Medtronic MiniMed Insulin Pumps
are designed to communicate using a wireless RF with other devices, such as blood glucose meters, glucose sensor transmitters, and CareLink USB devices. This wireless RF communication protocol does not properly implement authentication or authorization. An attacker with adjacent access to one of the affected insulin pump models can inject, replay, modify, and/or intercept data. This vulnerability could also allow attackers to change pump settings and control insulin delivery.
Severity ?
7.1 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Medtronic | MiniMed 508 pump |
Affected:
All versions
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Based on earlier work performed by external researchers including Nathanael Paul, Jay Radcliffe, and Barnaby Jack, and from recent work performed by external researchers Billy Rios, Jonathan Butts, and Jesse Young, Medtronic performed additional variant analysis and reported this vulnerability
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-178-01"
},
{
"name": "108926",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108926"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MiniMed 508 pump",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MiniMed Paradigm 511 pump",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MiniMed Paradigm 512/712 pumps",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MiniMed Paradigm 712E pump",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MiniMed Paradigm 515/715 pumps",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MiniMed Paradigm 522/722 pumps",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MiniMed Paradigm 522K/722K pumps",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MiniMed Paradigm 523/723 pumps",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "Software Versions 2.4A",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MiniMed Paradigm 523K/723K pumps",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "Software Versions 2.4A",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MiniMed Paradigm Veo 554/754 pumps",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "Software Versions 2.6A",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MiniMed Paradigm Veo 554CM/754CM pumps",
"vendor": "Medtronic",
"versions": [
{
"lessThanOrEqual": "Software Versions 2.7A",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Based on earlier work performed by external researchers including Nathanael Paul, Jay Radcliffe, and Barnaby Jack, and from recent work performed by external researchers Billy Rios, Jonathan Butts, and Jesse Young, Medtronic performed additional variant analysis and reported this vulnerability"
}
],
"datePublic": "2019-06-27T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMedtronic MiniMed Insulin Pumps\u003c/span\u003e\n\n are designed to communicate using a wireless RF with other devices, such as blood glucose meters, glucose sensor transmitters, and CareLink USB devices. This wireless RF communication protocol does not properly implement authentication or authorization. An attacker with adjacent access to one of the affected insulin pump models can inject, replay, modify, and/or intercept data. This vulnerability could also allow attackers to change pump settings and control insulin delivery.\u003c/p\u003e"
}
],
"value": "Medtronic MiniMed Insulin Pumps\n\n are designed to communicate using a wireless RF with other devices, such as blood glucose meters, glucose sensor transmitters, and CareLink USB devices. This wireless RF communication protocol does not properly implement authentication or authorization. An attacker with adjacent access to one of the affected insulin pump models can inject, replay, modify, and/or intercept data. This vulnerability could also allow attackers to change pump settings and control insulin delivery."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T18:29:15.376Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed-508-paradigm.html"
},
{
"name": "108926",
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-19-178-01"
},
{
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/108926"
}
],
"source": {
"advisory": "ICSMA-19-178-01",
"discovery": "INTERNAL"
},
"title": "Medtronic MiniMed 508 and Paradigm Series Insulin Pumps Improper Access Control",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic recommends U.S. patients who are currently using the affected products talk to their healthcare provider about changing to a newer model insulin pump with increased cybersecurity protection. Patients outside the U.S. will receive a notification letter with instructions based on the country where they live.\u003c/p\u003e\u003cp\u003eMedtronic recommends all patients take the cybersecurity precautions indicated below.\u003c/p\u003e\u003cp\u003eCYBERSECURITY PRECAUTIONS RECOMMENDED FOR ALL PATIENTS:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain tight physical control of the pump and devices connected to the pump\u003c/li\u003e\u003cli\u003eDo not share pump serial number\u003c/li\u003e\u003cli\u003eBe attentive to pump notifications, alarms, and alerts\u003c/li\u003e\u003cli\u003eImmediately cancel any unintended boluses (a single dose of insulin administered all at once)\u003c/li\u003e\u003cli\u003eDo not connect to any third-party devices or use any software not authorized by Medtronic\u003c/li\u003e\u003cli\u003eDisconnect CareLink USB devices from computers when not being used to download data from the pump\u003c/li\u003e\u003cli\u003eMonitor blood glucose levels closely and act as appropriate\u003c/li\u003e\u003cli\u003eGet medical help immediately when experiencing symptoms of severe hypoglycemia or diabetic ketoacidosis, or suspect an insulin pump settings, or insulin delivery have changed unexpectedly\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic has released additional patient-focused information, at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic recommends U.S. patients who are currently using the affected products talk to their healthcare provider about changing to a newer model insulin pump with increased cybersecurity protection. Patients outside the U.S. will receive a notification letter with instructions based on the country where they live.\n\nMedtronic recommends all patients take the cybersecurity precautions indicated below.\n\nCYBERSECURITY PRECAUTIONS RECOMMENDED FOR ALL PATIENTS:\n\n * Maintain tight physical control of the pump and devices connected to the pump\n * Do not share pump serial number\n * Be attentive to pump notifications, alarms, and alerts\n * Immediately cancel any unintended boluses (a single dose of insulin administered all at once)\n * Do not connect to any third-party devices or use any software not authorized by Medtronic\n * Disconnect CareLink USB devices from computers when not being used to download data from the pump\n * Monitor blood glucose levels closely and act as appropriate\n * Get medical help immediately when experiencing symptoms of severe hypoglycemia or diabetic ketoacidosis, or suspect an insulin pump settings, or insulin delivery have changed unexpectedly\n\n\nMedtronic has released additional patient-focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-10964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic MiniMed 508 and Paradigm Series Insulin Pumps",
"version": {
"version_data": [
{
"version_value": "MiniMed 508 pump All versions"
},
{
"version_value": "MiniMed Paradigm 511 pump All versions"
},
{
"version_value": "MiniMed Paradigm 512/712 pump All versions"
},
{
"version_value": "MiniMed Paradigm 712E pump All versions"
},
{
"version_value": "MiniMed Paradigm 515/715 pumps\u2013All versions"
},
{
"version_value": "MiniMed Paradigm 522/722 pump\u2013All versions"
},
{
"version_value": "MiniMed Paradigm 522K/722K pumps\u2013All versions"
},
{
"version_value": "MiniMed Paradigm 523/723 pumps\u2013Software versions 2.4A or lower"
},
{
"version_value": "MiniMed Paradigm 523K/723K pumps versions 2.4A or lower"
},
{
"version_value": "MiniMed Paradigm Veo 554/754 pumps\u2013versions 2.6A or lower"
},
{
"version_value": "MiniMed Paradigm Veo 554CM and 754CM versions 2.7A or lower"
}
]
}
}
]
},
"vendor_name": "Medtronic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Medtronic MinMed 508 and Medtronic Minimed Paradigm Insulin Pumps, Versions, MiniMed 508 pump \u2013 All versions, MiniMed Paradigm 511 pump \u2013 All versions, MiniMed Paradigm 512/712 pumps \u2013 All versions, MiniMed Paradigm 712E pump\u2013All versions, MiniMed Paradigm 515/715 pumps\u2013All versions, MiniMed Paradigm 522/722 pumps \u2013 All versions,MiniMed Paradigm 522K/722K pumps \u2013 All versions, MiniMed Paradigm 523/723 pumps \u2013 Software versions 2.4A or lower, MiniMed Paradigm 523K/723K pumps \u2013 Software, versions 2.4A or lower, MiniMed Paradigm Veo 554/754 pumps \u2013 Software versions 2.6A or lower, MiniMed Paradigm Veo 554CM and 754CM models only \u2013 Software versions 2.7A or lower, the affected insulin pumps are designed to communicate using a wireless RF with other devices, such as blood glucose meters, glucose sensor transmitters, and CareLink USB devices. This wireless RF communication protocol does not properly implement authentication or authorization. An attacker with adjacent access to one of the affected insulin pump models can inject, replay, modify, and/or intercept data. This vulnerability could also allow attackers to change pump settings and control insulin delivery."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsma-19-178-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-178-01"
},
{
"name": "108926",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108926"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-10964",
"datePublished": "2019-06-28T20:58:07",
"dateReserved": "2019-04-08T00:00:00",
"dateUpdated": "2025-05-22T18:29:15.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6540 (GCVE-0-2019-6540)
Vulnerability from cvelistv5 – Published: 2019-03-26 17:47 – Updated: 2025-05-22 19:23
VLAI?
Title
Medtronic Conexus Radio Frequency Telemetry Protocol Cleartext Transmission of Sensitive Information
Summary
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement encryption. An attacker with adjacent short-range access to a target product can listen to communications, including the transmission of sensitive data.
Severity ?
6.5 (Medium)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Medtronic | Conexus Radio Frequency Telemetry Protocol |
Affected:
All versions
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Peter Morgan of Clever Security; Dave Singelée and Bart Preneel of KU Leuven; Eduard Marin formerly of KU Leuven, currently with University of Birmingham; Flavio D. Garcia; Tom Chothia of the University of Birmingham; and Rik Willems of University Hospital Gasthuisberg Leuven reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:21.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
},
{
"name": "107544",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107544"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Conexus Radio Frequency Telemetry Protocol",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MyCareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "24950"
},
{
"status": "affected",
"version": "24952"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "2490C"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CareLink 2090 Programmer",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Amplia CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Claria CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compia CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Concerto CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Concerto II CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Consulta CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Evera ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Maximo II CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Maximo II ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mirro ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Nayamed ND ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Primo ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Protecta ICD, Protecta CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secura ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Virtuoso ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Virtuoso II ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Visia AF ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Viva CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Brava CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mirro MRI ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Morgan of Clever Security; Dave Singel\u00e9e and Bart Preneel of KU Leuven; Eduard Marin formerly of KU Leuven, currently with University of Birmingham; Flavio D. Garcia; Tom Chothia of the University of Birmingham; and Rik Willems of University Hospital Gasthuisberg Leuven reported these vulnerabilities to CISA."
}
],
"datePublic": "2019-03-21T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement encryption. An attacker with adjacent short-range access to a target product can listen to communications, including the transmission of sensitive data.\u003c/p\u003e"
}
],
"value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement encryption. An attacker with adjacent short-range access to a target product can listen to communications, including the transmission of sensitive data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T19:23:42.770Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
},
{
"name": "107544",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107544"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic has developed mitigating patches for a subset of the \naffected implanted cardiac device models. These patches are installed \nduring regular office visits. Medtronic has stated that patches for \nadditional impacted models are being developed by Medtronic and will be \ndeployed through future updates. Patches are currently available for the\n following affected models:\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eProtecta CRT-D and implantable cardioverter defibrillators (ICDs), all models\u003c/li\u003e\u003c/ul\u003e\u003cul\u003e\u003cli\u003eAmplia MRI CRT-D, all models (patch available in U.S. only)\u003c/li\u003e\u003cli\u003eClaria MRI CRT-D, all models (patch available in U.S. only)\u003c/li\u003e\u003cli\u003eCompia MRI CRT-D, all models (patch available in U.S. only)\u003c/li\u003e\u003cli\u003eVisia AF MRI ICD, all models\u003c/li\u003e\u003cli\u003eVisia AF ICD, all models \u003c/li\u003e\u003cli\u003eBrava CRT-D, all models \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\u003c/li\u003e\u003cli\u003eEvera MRI ICD, all models\u003c/li\u003e\u003cli\u003eEvera ICD, all models\u003c/li\u003e\u003cli\u003eMirro MRI ICD, all models\u003c/li\u003e\u003cli\u003ePrimo MRI ICD, all models\u003c/li\u003e\u003cli\u003eViva CRT-D, all models\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic has developed mitigating patches for a subset of the \naffected implanted cardiac device models. These patches are installed \nduring regular office visits. Medtronic has stated that patches for \nadditional impacted models are being developed by Medtronic and will be \ndeployed through future updates. Patches are currently available for the\n following affected models:\n\n\n * Protecta CRT-D and implantable cardioverter defibrillators (ICDs), all models\n\n\n * Amplia MRI CRT-D, all models (patch available in U.S. only)\n * Claria MRI CRT-D, all models (patch available in U.S. only)\n * Compia MRI CRT-D, all models (patch available in U.S. only)\n * Visia AF MRI ICD, all models\n * Visia AF ICD, all models \n * Brava CRT-D, all models \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\n * Evera MRI ICD, all models\n * Evera ICD, all models\n * Mirro MRI ICD, all models\n * Primo MRI ICD, all models\n * Viva CRT-D, all models"
}
],
"source": {
"advisory": "ICSMA-19-080-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic Conexus Radio Frequency Telemetry Protocol Cleartext Transmission of Sensitive Information",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic has applied additional controls for monitoring and responding to improper use of the Conexus telemetry protocol by the affected implanted cardiac devices. Additional mitigations are being developed and will be deployed through future updates, assuming regulatory approval.\u003c/p\u003e\u003cp\u003eMedtronic recommends that users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical control over home monitors and programmers.\u003c/li\u003e\u003cli\u003eUse only home monitors, programmers, and implantable devices obtained directly from your healthcare provider or a Medtronic representative to ensure integrity of the system.\u003c/li\u003e\u003cli\u003eDo not connect unapproved devices to home monitors and programmers through USB ports or other physical connections.\u003c/li\u003e\u003cli\u003eOnly use programmers to connect and interact with implanted devices in physically controlled hospital and clinical environments.\u003c/li\u003e\u003cli\u003eOnly use home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\u003c/li\u003e\u003cli\u003eReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic has released additional \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003epatient focused information\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic has applied additional controls for monitoring and responding to improper use of the Conexus telemetry protocol by the affected implanted cardiac devices. Additional mitigations are being developed and will be deployed through future updates, assuming regulatory approval.\n\nMedtronic recommends that users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Maintain good physical control over home monitors and programmers.\n * Use only home monitors, programmers, and implantable devices obtained directly from your healthcare provider or a Medtronic representative to ensure integrity of the system.\n * Do not connect unapproved devices to home monitors and programmers through USB ports or other physical connections.\n * Only use programmers to connect and interact with implanted devices in physically controlled hospital and clinical environments.\n * Only use home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\n * Report any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.\n\n\nMedtronic has released additional patient focused information https://www.medtronic.com/security ."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-6540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "MyCareLink Monitor",
"version": {
"version_data": [
{
"version_value": "24950"
},
{
"version_value": "24952"
}
]
}
},
{
"product_name": "CareLink Monitor",
"version": {
"version_data": [
{
"version_value": "2490C"
}
]
}
},
{
"product_name": "CareLink 2090 Programmer",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Amplia CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Claria CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Compia CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Concerto CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Concerto II CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Consulta CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Evera ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Maximo II CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Maximo II ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Mirro ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Nayamed ND ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Primo ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Protecta ICD, Protecta CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Secura ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Virtuoso ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Virtuoso II ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Visia AF ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Viva CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Medtronic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement encryption. An attacker with adjacent short-range access to a target product can listen to communications, including the transmission of sensitive data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext transmission of sensitive information CWE-319"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
},
{
"name": "107544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107544"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-6540",
"datePublished": "2019-03-26T17:47:23",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2025-05-22T19:23:42.770Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-6538 (GCVE-0-2019-6538)
Vulnerability from cvelistv5 – Published: 2019-03-25 21:26 – Updated: 2025-05-22 19:26
VLAI?
Title
Medtronic Conexus Radio Frequency Telemetry Protocol Improper Access Control
Summary
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement authentication or authorization. An attacker with adjacent short-range access to an affected product, in situations where the product’s radio is turned on, can inject, replay, modify, and/or intercept data within the telemetry communication. This communication protocol provides the ability to read and write memory values to affected implanted cardiac devices; therefore, an attacker could exploit this communication protocol to change memory in the implanted cardiac device.
Severity ?
9.3 (Critical)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Medtronic | Conexus Radio Frequency Telemetry Protocol |
Affected:
All versions
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Peter Morgan of Clever Security; Dave Singelée and Bart Preneel of KU Leuven; Eduard Marin formerly of KU Leuven, currently with University of Birmingham; Flavio D. Garcia; Tom Chothia of the University of Birmingham; and Rik Willems of University Hospital Gasthuisberg Leuven reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:21.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "107544",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107544"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Conexus Radio Frequency Telemetry Protocol",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MyCareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "24950"
},
{
"status": "affected",
"version": "24952"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "2490C"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CareLink 2090 Programmer",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Amplia CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Claria CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Compia CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Concerto CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Concerto II CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Consulta CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Evera ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Maximo II CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Maximo II ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mirro ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Nayamed ND ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Primo ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Protecta ICD, Protecta CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Secura ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Virtuoso ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Virtuoso II ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Visia AF ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Viva CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Brava CRT-D",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Mirro MRI ICD",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Morgan of Clever Security; Dave Singel\u00e9e and Bart Preneel of KU Leuven; Eduard Marin formerly of KU Leuven, currently with University of Birmingham; Flavio D. Garcia; Tom Chothia of the University of Birmingham; and Rik Willems of University Hospital Gasthuisberg Leuven reported these vulnerabilities to CISA."
}
],
"datePublic": "2019-03-21T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\nThe Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement authentication or authorization. An attacker with adjacent short-range access to an affected product, in situations where the product\u2019s radio is turned on, can inject, replay, modify, and/or intercept data within the telemetry communication. This communication protocol provides the ability to read and write memory values to affected implanted cardiac devices; therefore, an attacker could exploit this communication protocol to change memory in the implanted cardiac device.\n\n\u003c/p\u003e"
}
],
"value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement authentication or authorization. An attacker with adjacent short-range access to an affected product, in situations where the product\u2019s radio is turned on, can inject, replay, modify, and/or intercept data within the telemetry communication. This communication protocol provides the ability to read and write memory values to affected implanted cardiac devices; therefore, an attacker could exploit this communication protocol to change memory in the implanted cardiac device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T19:26:15.126Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
},
{
"name": "107544",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107544"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic has developed mitigating patches for a subset of the \naffected implanted cardiac device models. These patches are installed \nduring regular office visits. Medtronic has stated that patches for \nadditional impacted models are being developed by Medtronic and will be \ndeployed through future updates. Patches are currently available for the\n following affected models:\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eProtecta CRT-D and implantable cardioverter defibrillators (ICDs), all models\u003c/li\u003e\u003c/ul\u003e\u003cul\u003e\u003cli\u003eAmplia MRI CRT-D, all models (patch available in U.S. only)\u003c/li\u003e\u003cli\u003eClaria MRI CRT-D, all models (patch available in U.S. only)\u003c/li\u003e\u003cli\u003eCompia MRI CRT-D, all models (patch available in U.S. only)\u003c/li\u003e\u003cli\u003eVisia AF MRI ICD, all models\u003c/li\u003e\u003cli\u003eVisia AF ICD, all models \u003c/li\u003e\u003cli\u003eBrava CRT-D, all models \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;\u003c/li\u003e\u003cli\u003eEvera MRI ICD, all models\u003c/li\u003e\u003cli\u003eEvera ICD, all models\u003c/li\u003e\u003cli\u003eMirro MRI ICD, all models\u003c/li\u003e\u003cli\u003ePrimo MRI ICD, all models\u003c/li\u003e\u003cli\u003eViva CRT-D, all models\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic has developed mitigating patches for a subset of the \naffected implanted cardiac device models. These patches are installed \nduring regular office visits. Medtronic has stated that patches for \nadditional impacted models are being developed by Medtronic and will be \ndeployed through future updates. Patches are currently available for the\n following affected models:\n\n\n * Protecta CRT-D and implantable cardioverter defibrillators (ICDs), all models\n\n\n * Amplia MRI CRT-D, all models (patch available in U.S. only)\n * Claria MRI CRT-D, all models (patch available in U.S. only)\n * Compia MRI CRT-D, all models (patch available in U.S. only)\n * Visia AF MRI ICD, all models\n * Visia AF ICD, all models \n * Brava CRT-D, all models \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\n * Evera MRI ICD, all models\n * Evera ICD, all models\n * Mirro MRI ICD, all models\n * Primo MRI ICD, all models\n * Viva CRT-D, all models"
}
],
"source": {
"advisory": "ICSMA-19-080-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic Conexus Radio Frequency Telemetry Protocol Improper Access Control",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic has applied additional controls for monitoring and responding to improper use of the Conexus telemetry protocol by the affected implanted cardiac devices. Additional mitigations are being developed and will be deployed through future updates, assuming regulatory approval.\u003c/p\u003e\u003cp\u003eMedtronic recommends that users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical control over home monitors and programmers.\u003c/li\u003e\u003cli\u003eUse only home monitors, programmers, and implantable devices obtained directly from your healthcare provider or a Medtronic representative to ensure integrity of the system.\u003c/li\u003e\u003cli\u003eDo not connect unapproved devices to home monitors and programmers through USB ports or other physical connections.\u003c/li\u003e\u003cli\u003eOnly use programmers to connect and interact with implanted devices in physically controlled hospital and clinical environments.\u003c/li\u003e\u003cli\u003eOnly use home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\u003c/li\u003e\u003cli\u003eReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic has released additional \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003epatient focused information\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic has applied additional controls for monitoring and responding to improper use of the Conexus telemetry protocol by the affected implanted cardiac devices. Additional mitigations are being developed and will be deployed through future updates, assuming regulatory approval.\n\nMedtronic recommends that users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Maintain good physical control over home monitors and programmers.\n * Use only home monitors, programmers, and implantable devices obtained directly from your healthcare provider or a Medtronic representative to ensure integrity of the system.\n * Do not connect unapproved devices to home monitors and programmers through USB ports or other physical connections.\n * Only use programmers to connect and interact with implanted devices in physically controlled hospital and clinical environments.\n * Only use home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\n * Report any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.\n\n\nMedtronic has released additional patient focused information https://www.medtronic.com/security ."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-6540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "MyCareLink Monitor",
"version": {
"version_data": [
{
"version_value": "24950"
},
{
"version_value": "24952"
}
]
}
},
{
"product_name": "CareLink Monitor",
"version": {
"version_data": [
{
"version_value": "2490C"
}
]
}
},
{
"product_name": "CareLink 2090 Programmer",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Amplia CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Claria CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Compia CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Concerto CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Concerto II CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Consulta CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Evera ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Maximo II CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Maximo II ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Mirro ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Nayamed ND ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Primo ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Protecta ICD, Protecta CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Secura ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Virtuoso ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Virtuoso II ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Visia AF ICD",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
},
{
"product_name": "Viva CRT-D",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Medtronic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement encryption. An attacker with adjacent short-range access to a target product can listen to communications, including the transmission of sensitive data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext transmission of sensitive information CWE-319"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
},
{
"name": "107544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107544"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-6538",
"datePublished": "2019-03-25T21:26:03",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2025-05-22T19:26:15.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-18984 (GCVE-0-2018-18984)
Vulnerability from cvelistv5 – Published: 2018-12-14 15:00 – Updated: 2025-05-22 16:40
VLAI?
Title
Medtronic 9790, 2090 CareLink, and 29901 Encore Programmers Missing Encryption of Sensitive Data
Summary
Medtronic CareLink and Encore Programmers
do not encrypt or do not sufficiently encrypt sensitive
PII and PHI information while at rest .
Severity ?
4.6 (Medium)
CWE
- CWE-311 - Missing Encryption of Sensitive Data
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Medtronic | CareLink 9790 Programmer |
Affected:
All versions
|
||||||||||||
|
||||||||||||||
Credits
Researchers Billy Rios and Jonathan Butts of Whitescope LLC reported this vulnerability
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:23:08.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106215",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106215"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CareLink 9790 Programmer",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CareLink 2090 Programmer",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "29901 Encore Programmer",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Researchers Billy Rios and Jonathan Butts of Whitescope LLC reported this vulnerability"
}
],
"datePublic": "2018-12-14T07:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMedtronic CareLink and Encore Programmers\u003c/span\u003e\n\n do not encrypt or do not sufficiently encrypt sensitive \nPII and PHI information while at rest .\u003c/p\u003e"
}
],
"value": "Medtronic CareLink and Encore Programmers\n\n do not encrypt or do not sufficiently encrypt sensitive \nPII and PHI information while at rest ."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311 Missing Encryption of Sensitive Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T16:40:53.366Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "106215",
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/carelink-9790-2090-29901.html"
},
{
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01"
},
{
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/106215"
}
],
"source": {
"advisory": "ICSMA-18-347-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic 9790, 2090 CareLink, and 29901 Encore Programmers Missing Encryption of Sensitive Data",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe CareLink 9790 Programmer has been placed into end-of-life status and is no longer supported by Medtronic. Medtronic recommends users no longer use the 9790 for any purpose.\u003c/p\u003e\u003cp\u003eThe CareLink 2090 and 29901 Encore programmers store PHI and PII as part of their normal operating procedure. Medtronic recommends that when devices are storing PHI/PII it should be retained on these programmers for the least amount of time necessary, and should be handled, managed and secured in a manner consistent with the applicable laws for patient data privacy. Please contact a Medtronic representative for proper disposal and PHI/PII retention setting instructions.\u003c/p\u003e\u003cp\u003eAll affected programmers allow for the manual deletion of programmer-generated reports, which could contain PHI/PII. Medtronic recommends users delete these reports when no longer needed and prior to any disposition of the programmer.\u003c/p\u003e\u003cp\u003eMedtronic recommends users take additional defensive measures to minimize the risk of exploitation. Specifically, hospitals and clinicians should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain strict physical control of the programmer.\u003c/li\u003e\u003cli\u003eUse only legitimately obtained programmers and not ones provided by any third party.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eProper disposal of these programmers and the associated electronic media storing data is critical for the continued protection of any PHI and PII residing on the programmer.\u003c/p\u003e\u003cp\u003eMedtronic has released a security bulletin related to this advisory that is available, with contact information, at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "The CareLink 9790 Programmer has been placed into end-of-life status and is no longer supported by Medtronic. Medtronic recommends users no longer use the 9790 for any purpose.\n\nThe CareLink 2090 and 29901 Encore programmers store PHI and PII as part of their normal operating procedure. Medtronic recommends that when devices are storing PHI/PII it should be retained on these programmers for the least amount of time necessary, and should be handled, managed and secured in a manner consistent with the applicable laws for patient data privacy. Please contact a Medtronic representative for proper disposal and PHI/PII retention setting instructions.\n\nAll affected programmers allow for the manual deletion of programmer-generated reports, which could contain PHI/PII. Medtronic recommends users delete these reports when no longer needed and prior to any disposition of the programmer.\n\nMedtronic recommends users take additional defensive measures to minimize the risk of exploitation. Specifically, hospitals and clinicians should:\n\n * Maintain strict physical control of the programmer.\n * Use only legitimately obtained programmers and not ones provided by any third party.\n\n\nProper disposal of these programmers and the associated electronic media storing data is critical for the continued protection of any PHI and PII residing on the programmer.\n\nMedtronic has released a security bulletin related to this advisory that is available, with contact information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2018-18984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer, all versions, The affected products do not encrypt or do not sufficiently encrypt the following sensitive information while at rest PII and PHI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "MISSING ENCRPTION OF SENSITIVE DATA CWE-311"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106215",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106215"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-347-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-18984",
"datePublished": "2018-12-14T15:00:00",
"dateReserved": "2018-11-06T00:00:00",
"dateUpdated": "2025-05-22T16:40:53.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14781 (GCVE-0-2018-14781)
Vulnerability from cvelistv5 – Published: 2018-08-13 22:00 – Updated: 2025-05-22 16:33
VLAI?
Title
Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Authentication Bypass by Capture-replay
Summary
Medtronic MiniMed MMT
devices when paired with a remote controller and having the “easy bolus” and “remote bolus” options enabled (non-default), are vulnerable to a capture-replay attack. An attacker can capture the wireless transmissions between the remote controller and the pump and replay them to cause an insulin (bolus) delivery.
Severity ?
5.3 (Medium)
CWE
- CWE-294 - Authentication Bypass by Capture-replay
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Medtronic | MMT- 508 - MiniMed pump |
Affected:
All versions
|
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:13.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"
},
{
"name": "105044",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105044"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MMT- 508 - MiniMed pump",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 511 pump Paradigm",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 512 / MMT \u2013 712 Paradigm x12",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 515 / MMT \u2013 715 Paradigm x15",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 522 / MMT \u2013 722 Paradigm REAL-TIME",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 522(K) / MMT \u2013 722(K) Paradigm REAL-TIME",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 523 / MMT \u2013 723 Paradigm Revel",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 523(K) / MMT \u2013 723(K) Paradigm",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 554 / MMT \u2013 754 MiniMed Veo",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 551 / MMT \u2013 751 MiniMed 530G",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities to CISA."
}
],
"datePublic": "2018-08-08T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMedtronic MiniMed MMT \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edevices when paired with a remote controller and having the \u201ceasy bolus\u201d and \u201cremote bolus\u201d options enabled (non-default), are vulnerable to a capture-replay attack. An attacker can capture the wireless transmissions between the remote controller and the pump and replay them to cause an insulin (bolus) delivery.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Medtronic MiniMed MMT \n\ndevices when paired with a remote controller and having the \u201ceasy bolus\u201d and \u201cremote bolus\u201d options enabled (non-default), are vulnerable to a capture-replay attack. An attacker can capture the wireless transmissions between the remote controller and the pump and replay them to cause an insulin (bolus) delivery."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-294",
"description": "CWE-294 Authentication Bypass by Capture-replay",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T16:33:08.385Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed.html"
},
{
"name": "105044",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"
},
{
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/105044"
}
],
"source": {
"advisory": "ICSMA-18-219-02",
"discovery": "EXTERNAL"
},
"title": "Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Authentication Bypass by Capture-replay",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe remote option is turned off in the pump by default. \u0026nbsp;\u003c/p\u003e\u003cp\u003eMedtronic is directing all users to stop using their remote controllers, disable the remote option on their insulin pump, and to return the remote controllers to Medtronic. \u003c/p\u003e\u003cp\u003eMedtronic has released \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003eadditional patient focused information\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eAdditionally, Medtronic will be sending a letter to patients who may still be actively using the remotes in order to inform patients about these security risks, and request patients stop using the remote and return them to Medtronic. \u003c/p\u003e"
}
],
"value": "The remote option is turned off in the pump by default. \u00a0\n\nMedtronic is directing all users to stop using their remote controllers, disable the remote option on their insulin pump, and to return the remote controllers to Medtronic. \n\nMedtronic has released additional patient focused information https://www.medtronic.com/security .\n\nAdditionally, Medtronic will be sending a letter to patients who may still be actively using the remotes in order to inform patients about these security risks, and request patients stop using the remote and return them to Medtronic."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-08-08T00:00:00",
"ID": "CVE-2018-10634",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic insulin pump",
"version": {
"version_data": [
{
"version_value": "MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G"
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G communications between the pump and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"
},
{
"name": "105044",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105044"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-14781",
"datePublished": "2018-08-13T22:00:00Z",
"dateReserved": "2018-08-01T00:00:00",
"dateUpdated": "2025-05-22T16:33:08.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10634 (GCVE-0-2018-10634)
Vulnerability from cvelistv5 – Published: 2018-08-13 22:00 – Updated: 2025-05-22 16:28
VLAI?
Title
Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Cleartext Transmission of Sensitive Information
Summary
Communications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.
Severity ?
4.8 (Medium)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Medtronic | MMT- 508 - MiniMed pump |
Affected:
All versions
|
|||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Credits
Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"
},
{
"name": "105044",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105044"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MMT- 508 - MiniMed pump",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 511 pump Paradigm",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 512 / MMT \u2013 712 Paradigm x12",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 515 / MMT \u2013 715 Paradigm x15",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 522 / MMT \u2013 722 Paradigm REAL-TIME",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 522(K) / MMT \u2013 722(K) Paradigm REAL-TIME",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 523 / MMT \u2013 723 Paradigm Revel",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 523(K) / MMT \u2013 723(K) Paradigm",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 554 / MMT \u2013 754 MiniMed Veo",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MMT \u2013 551 / MMT \u2013 751 MiniMed 530G",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities to CISA."
}
],
"datePublic": "2018-08-08T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCommunications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Communications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T16:28:03.155Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed.html"
},
{
"name": "105044",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"
},
{
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/105044"
}
],
"source": {
"advisory": "ICSMA-18-219-02",
"discovery": "EXTERNAL"
},
"title": "Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Cleartext Transmission of Sensitive Information",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe remote option is turned off in the pump by default. \u0026nbsp;\u003c/p\u003e\u003cp\u003eMedtronic is directing all users to stop using their remote controllers, disable the remote option on their insulin pump, and to return the remote controllers to Medtronic. \u003c/p\u003e\u003cp\u003eMedtronic has released \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003eadditional patient focused information\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eAdditionally, Medtronic will be sending a letter to patients who may still be actively using the remotes in order to inform patients about these security risks, and request patients stop using the remote and return them to Medtronic. \u003c/p\u003e"
}
],
"value": "The remote option is turned off in the pump by default. \u00a0\n\nMedtronic is directing all users to stop using their remote controllers, disable the remote option on their insulin pump, and to return the remote controllers to Medtronic. \n\nMedtronic has released additional patient focused information https://www.medtronic.com/security .\n\nAdditionally, Medtronic will be sending a letter to patients who may still be actively using the remotes in order to inform patients about these security risks, and request patients stop using the remote and return them to Medtronic."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-08-08T00:00:00",
"ID": "CVE-2018-10634",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic insulin pump",
"version": {
"version_data": [
{
"version_value": "MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G"
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G communications between the pump and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"
},
{
"name": "105044",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105044"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-10634",
"datePublished": "2018-08-13T22:00:00Z",
"dateReserved": "2018-05-01T00:00:00",
"dateUpdated": "2025-05-22T16:28:03.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10622 (GCVE-0-2018-10622)
Vulnerability from cvelistv5 – Published: 2018-08-10 18:00 – Updated: 2025-05-22 16:12
VLAI?
Title
Medtronic MyCareLink 24950 Patient Monitor Storing Passwords in a Recoverable Format
Summary
Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest.
Severity ?
4.9 (Medium)
CWE
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Medtronic | 24950 MyCareLink Monitor |
Affected:
All versions
|
|||||||
|
|||||||||
Credits
Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:47.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105042",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105042"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "24950 MyCareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "24952 MyCareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities"
}
],
"datePublic": "2018-08-07T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMedtronic MyCareLink Patient Monitor \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003euses per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-257",
"description": "CWE-257",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T16:12:44.522Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "105042",
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-8-7-18.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
},
{
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/105042"
}
],
"source": {
"advisory": "ICSMA-18-219-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic MyCareLink 24950 Patient Monitor Storing Passwords in a Recoverable Format",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic has made server-side updates to address the insufficient verification vulnerability identified in this advisory. Medtronic is implementing additional server-side mitigations to enhance data integrity and authenticity.\u003c/p\u003e\u003cp\u003eMedtronic recommends users take additional defensive measures to minimize the risk of exploitation. Specifically, users should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical control over the home monitor.\u003c/li\u003e\u003cli\u003eOnly use home monitors obtained directly from their healthcare provider or a Medtronic representative to ensure integrity of the system.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic has released additional patient focused information, at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic has made server-side updates to address the insufficient verification vulnerability identified in this advisory. Medtronic is implementing additional server-side mitigations to enhance data integrity and authenticity.\n\nMedtronic recommends users take additional defensive measures to minimize the risk of exploitation. Specifically, users should:\n\n * Maintain good physical control over the home monitor.\n * Only use home monitors obtained directly from their healthcare provider or a Medtronic representative to ensure integrity of the system.\n\n\nMedtronic has released additional patient focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-08-07T00:00:00",
"ID": "CVE-2018-10626",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic MyCareLink 24950, 24952 Patient Monitor",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected product\u0027s update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "INSUFFICIENT VERIFICATION OF DATA AUTHENTICITY CWE-345"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105042"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-10622",
"datePublished": "2018-08-10T18:00:00Z",
"dateReserved": "2018-05-01T00:00:00",
"dateUpdated": "2025-05-22T16:12:44.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10626 (GCVE-0-2018-10626)
Vulnerability from cvelistv5 – Published: 2018-08-10 18:00 – Updated: 2025-05-22 16:13
VLAI?
Title
Medtronic MyCareLink 24950 Patient Monitor Insufficient Verification of Data Authenticity
Summary
Medtronic MyCareLink Patient Monitor’s update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network.
Severity ?
4.4 (Medium)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Medtronic | 24950 MyCareLink Monitor |
Affected:
All versions
|
|||||||
|
|||||||||
Credits
Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:45.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105042",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105042"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "24950 MyCareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "24952 MyCareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities"
}
],
"datePublic": "2018-08-07T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMedtronic MyCareLink Patient Monitor\u2019s update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Medtronic MyCareLink Patient Monitor\u2019s update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T16:13:52.072Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "105042",
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-8-7-18.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
},
{
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/105042"
}
],
"source": {
"advisory": "ICSMA-18-219-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic MyCareLink 24950 Patient Monitor Insufficient Verification of Data Authenticity",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic has made server-side updates to address the insufficient verification vulnerability identified in this advisory. Medtronic is implementing additional server-side mitigations to enhance data integrity and authenticity.\u003c/p\u003e\u003cp\u003eMedtronic recommends users take additional defensive measures to minimize the risk of exploitation. Specifically, users should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical control over the home monitor.\u003c/li\u003e\u003cli\u003eOnly use home monitors obtained directly from their healthcare provider or a Medtronic representative to ensure integrity of the system.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic has released additional patient focused information, at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic has made server-side updates to address the insufficient verification vulnerability identified in this advisory. Medtronic is implementing additional server-side mitigations to enhance data integrity and authenticity.\n\nMedtronic recommends users take additional defensive measures to minimize the risk of exploitation. Specifically, users should:\n\n * Maintain good physical control over the home monitor.\n * Only use home monitors obtained directly from their healthcare provider or a Medtronic representative to ensure integrity of the system.\n\n\nMedtronic has released additional patient focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-08-07T00:00:00",
"ID": "CVE-2018-10626",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic MyCareLink 24950, 24952 Patient Monitor",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected product\u0027s update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "INSUFFICIENT VERIFICATION OF DATA AUTHENTICITY CWE-345"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105042"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-10626",
"datePublished": "2018-08-10T18:00:00Z",
"dateReserved": "2018-05-01T00:00:00",
"dateUpdated": "2025-05-22T16:13:52.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10631 (GCVE-0-2018-10631)
Vulnerability from cvelistv5 – Published: 2018-07-13 19:00 – Updated: 2025-08-26 14:26
VLAI?
Title
Medtronic N'Vision Clinician Programmer Protection Mechanism Failure
Summary
The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection mechanisms, this malicious code will be run when the card is inserted into an 8840 Clinician Programmer.
Severity ?
6.3 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Medtronic | 8840 N’Vision Clinician Programmer |
Affected:
All versions
|
|||||||
|
|||||||||
Credits
Billy Rios and Jonathan Butts of Whitescope LLC reported this vulnerability
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.medtronic.com/security"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ics_cert:medtronic_n_vision_clinician_programmer:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "medtronic_n_vision_clinician_programmer",
"vendor": "ics_cert",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "8840_n_vision_clinician_programmer",
"versionType": "custom"
},
{
"status": "affected",
"version": "8870_n_vision_removable_application_card"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-10631",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T18:07:51.945413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T14:26:52.840Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "8840 N\u2019Vision Clinician Programmer",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "8870 N\u2019Vision removable Application Card",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Billy Rios and Jonathan Butts of Whitescope LLC reported this vulnerability"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection mechanisms, this malicious code will be run when the card is inserted into an 8840 Clinician Programmer."
}
],
"value": "The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection mechanisms, this malicious code will be run when the card is inserted into an 8840 Clinician Programmer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-27T16:19:26.179Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/nvision.html"
},
{
"url": "https://www.medtronic.com/security"
},
{
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01"
},
{
"url": "http://www.securityfocus.com/bid/104213"
}
],
"source": {
"advisory": "ICSMA-18-137-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic N\u0027Vision Clinician Programmer Protection Mechanism Failure",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic has not developed a product update to address the vulnerabilities, but is reinforcing security reminders within this advisory to help reduce the risk associated with the vulnerabilities.\u003c/p\u003e\u003cp\u003eThe 8870 Therapy Application card stores PHI and PII as part of its normal operating procedure and should be handled, managed and secured in a manner consistent with the applicable laws for patient data privacy.\u003c/p\u003e\u003cp\u003eMedtronic recommends users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, hospitals and clinicians should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain strict physical control of the 8870 application card.\u003c/li\u003e\u003cli\u003eUse only legitimately obtained 8870 cards and not cards provided by any third party as firmware and system updates are provided directly by Medtronic using new 8870 application cards.\u003c/li\u003e\u003cli\u003e8840 Programmers and 8870 Therapy Application compact flash cards are the property of Medtronic and should be returned to Medtronic when no longer in use. If that is not an option, you should securely dispose of them.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic has released additional patient focused information, at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e"
}
],
"value": "Medtronic has not developed a product update to address the vulnerabilities, but is reinforcing security reminders within this advisory to help reduce the risk associated with the vulnerabilities.\n\nThe 8870 Therapy Application card stores PHI and PII as part of its normal operating procedure and should be handled, managed and secured in a manner consistent with the applicable laws for patient data privacy.\n\nMedtronic recommends users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, hospitals and clinicians should:\n\n * Maintain strict physical control of the 8870 application card.\n * Use only legitimately obtained 8870 cards and not cards provided by any third party as firmware and system updates are provided directly by Medtronic using new 8870 application cards.\n * 8840 Programmers and 8870 Therapy Application compact flash cards are the property of Medtronic and should be returned to Medtronic when no longer in use. If that is not an option, you should securely dispose of them.\n\n\nMedtronic has released additional patient focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"x_ConverterErrors": {
"DATE_PUBLIC": {
"error": "v4 DATE_PUBLIC is invalid",
"message": "month must be in 1..12"
}
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2017-50-17T00:00:00",
"ID": "CVE-2018-10631",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic N\u0027Vision Clinician Programmer",
"version": {
"version_data": [
{
"version_value": "8840 N\u0027Vision Clinician Programmer, all versions, and 8870 N\u0027Vision removable Application Card, all versions."
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic N\u0027Vision Clinician Programmer 8840 N\u0027Vision Clinician Programmer, all versions, and 8870 N\u0027Vision removable Application Card, all versions. The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection mechanisms, this malicious code will be run when the card is inserted into an 8840 Clinician Programmer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "PROTECTION MECHANISM FAILURE CWE-693"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01"
},
{
"name": "https://www.medtronic.com/security",
"refsource": "MISC",
"url": "https://www.medtronic.com/security"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-10631",
"datePublished": "2018-07-13T19:00:00.000Z",
"dateReserved": "2018-05-01T00:00:00.000Z",
"dateUpdated": "2025-08-26T14:26:52.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8868 (GCVE-0-2018-8868)
Vulnerability from cvelistv5 – Published: 2018-07-02 18:00 – Updated: 2025-05-22 18:14
VLAI?
Title
Medtronic MyCareLink Patient Monitor Exposed Dangerous Method or Function
Summary
Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can exploit other vulnerabilities to access this debug functionality. This debug functionality provides the ability to read and write arbitrary memory values to implantable cardiac devices via inductive or short range wireless protocols. An attacker with close physical proximity to a target implantable cardiac device can use this debug functionality.
Severity ?
6.2 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Medtronic | 24950 MyCareLink Monitor |
Affected:
All versions
|
|||||||
|
|||||||||
Credits
Peter Morgan of Clever Security reported this vulnerability
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:46.236Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-179-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "24950 MyCareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "24952 MyCareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Morgan of Clever Security reported this vulnerability"
}
],
"datePublic": "2018-06-29T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\nMedtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains debug code meant to test the functionality of the monitor\u0027s communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can exploit other vulnerabilities to access this debug functionality. This debug functionality provides the ability to read and write arbitrary memory values to implantable cardiac devices via inductive or short range wireless protocols. An attacker with close physical proximity to a target implantable cardiac device can use this debug functionality.\n\n\u003c/p\u003e"
}
],
"value": "Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains debug code meant to test the functionality of the monitor\u0027s communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can exploit other vulnerabilities to access this debug functionality. This debug functionality provides the ability to read and write arbitrary memory values to implantable cardiac devices via inductive or short range wireless protocols. An attacker with close physical proximity to a target implantable cardiac device can use this debug functionality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T18:14:07.710Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-6-28-18.html"
},
{
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-179-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMedtronic will release several rolling over-the-air product updates that will mitigate the vulnerabilities described within this advisory. These updates will be applied to devices automatically as part of standard, reoccurring update processes. In addition, Medtronic has increased security monitoring of affected devices and related infrastructure. \u003c/span\u003e\n\n\u003c/div\u003e\n\n\u003cp\u003eMedtronic has released additional patient focused information, at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic will release several rolling over-the-air product updates that will mitigate the vulnerabilities described within this advisory. These updates will be applied to devices automatically as part of standard, reoccurring update processes. In addition, Medtronic has increased security monitoring of affected devices and related infrastructure. \n\n\n\n\n\nMedtronic has released additional patient focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"source": {
"advisory": "ICSMA-18-179-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic MyCareLink Patient Monitor Exposed Dangerous Method or Function",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic recommends users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical controls over the home monitor as the best mitigation to these vulnerabilities. \u0026nbsp;\u003c/li\u003e\u003cli\u003eOnly use home monitors obtained directly from their healthcare provider or a Medtronic representative to ensure integrity of the system. \u003c/li\u003e\u003cli\u003eReport any concerning behavior regarding their home monitor to their healthcare provider or a Medtronic representative. \u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic has released additional patient focused information, at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic recommends users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Maintain good physical controls over the home monitor as the best mitigation to these vulnerabilities. \u00a0\n * Only use home monitors obtained directly from their healthcare provider or a Medtronic representative to ensure integrity of the system. \n * Report any concerning behavior regarding their home monitor to their healthcare provider or a Medtronic representative. \n\n\nMedtronic has released additional patient focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-06-29T00:00:00",
"ID": "CVE-2018-8870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic MyCareLink Patient Monitor",
"version": {
"version_data": [
{
"version_value": "24950 MyCareLink Monitor, all versions, 24952 MyCareLink Monitor, all versions."
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions contains a hard-coded operating system password. An attacker with physical access can remove the case of the device, connect to the debug port, and use the password to gain privileged access to the operating system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF HARD-CODED PASSWORD CWE-259"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-179-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-179-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-8868",
"datePublished": "2018-07-02T18:00:00Z",
"dateReserved": "2018-03-20T00:00:00",
"dateUpdated": "2025-05-22T18:14:07.710Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10596 (GCVE-0-2018-10596)
Vulnerability from cvelistv5 – Published: 2018-07-02 18:00 – Updated: 2025-05-22 17:36
VLAI?
Title
Medtronic 2090 Carelink Programmer Improper Restriction of Communication Channel to Intended Endpoints
Summary
Medtronic 2090 CareLink Programmer
uses a virtual private network connection to securely download updates. It does not verify it is still connected to this virtual private network before downloading updates. The affected products initially establish an encapsulated IP-based VPN connection to a Medtronic-hosted update network. Once the VPN is established, it makes a request to a HTTP (non-TLS) server across the VPN for updates, which responds and provides any available updates. The programmer-side (client) service responsible for this HTTP request does not check to ensure it is still connected to the VPN before making the HTTP request. Thus, an attacker could cause the VPN connection to terminate (through various methods and attack points) and intercept the HTTP request, responding with malicious updates via a man-in-the-middle attack. The affected products do not verify the origin or integrity of these updates, as it insufficiently relied on the security of the VPN. An attacker with remote network access to the programmer could influence these communications.
Severity ?
7.1 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Medtronic | 2090 CareLink Programmer |
Affected:
All versions
|
|||||||
|
|||||||||
Credits
Billy Rios and Jonathan Butts of Whitescope LLC identified these vulnerabilities and reported them to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:39:08.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "2090 CareLink Programmer",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "29901 Encore Programmer",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Billy Rios and Jonathan Butts of Whitescope LLC identified these vulnerabilities and reported them to CISA."
}
],
"datePublic": "2018-06-29T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic 2090 CareLink Programmer \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003euses a virtual private network connection to securely download updates. It does not verify it is still connected to this virtual private network before downloading updates. The affected products initially establish an encapsulated IP-based VPN connection to a Medtronic-hosted update network. Once the VPN is established, it makes a request to a HTTP (non-TLS) server across the VPN for updates, which responds and provides any available updates. The programmer-side (client) service responsible for this HTTP request does not check to ensure it is still connected to the VPN before making the HTTP request. Thus, an attacker could cause the VPN connection to terminate (through various methods and attack points) and intercept the HTTP request, responding with malicious updates via a man-in-the-middle attack. The affected products do not verify the origin or integrity of these updates, as it insufficiently relied on the security of the VPN. An attacker with remote network access to the programmer could influence these communications.\u003c/span\u003e\n\n\u003c/p\u003e"
}
],
"value": "Medtronic 2090 CareLink Programmer \n\nuses a virtual private network connection to securely download updates. It does not verify it is still connected to this virtual private network before downloading updates. The affected products initially establish an encapsulated IP-based VPN connection to a Medtronic-hosted update network. Once the VPN is established, it makes a request to a HTTP (non-TLS) server across the VPN for updates, which responds and provides any available updates. The programmer-side (client) service responsible for this HTTP request does not check to ensure it is still connected to the VPN before making the HTTP request. Thus, an attacker could cause the VPN connection to terminate (through various methods and attack points) and intercept the HTTP request, responding with malicious updates via a man-in-the-middle attack. The affected products do not verify the origin or integrity of these updates, as it insufficiently relied on the security of the VPN. An attacker with remote network access to the programmer could influence these communications."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-923",
"description": "CWE-923",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T17:36:04.656Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/carelink-2090-29901.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-058-01"
}
],
"source": {
"advisory": "ICSMA-18-058-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic 2090 Carelink Programmer Improper Restriction of Communication Channel to Intended Endpoints",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic has assessed the vulnerabilities and determined that no new potential safety risks were identified. In order to enhance system security, Medtronic has added periodic integrity checks for files associated with the software deployment network. Additionally, Medtronic has developed server-side security changes that further enhance security. Medtronic reports that they will not be issuing a product update; however, Medtronic has identified compensating controls within this advisory to reduce the risk of exploitation and reiterates the following from the CareLink 2090 Programmer Reference Manual:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical controls over the programmer. Having a secure physical environment prevents access to the internals of the programmer.\u003c/li\u003e\u003cli\u003eOnly connect the programmer to managed, secure networks.\u003c/li\u003e\u003cli\u003eUpdate the software on the programmer when Medtronic updates are available.\u003c/li\u003e\u003cli\u003eAlternatively, disconnect the programmer from the network. Network connectivity is not required for normal programmer operation. \u003c/li\u003e\u003cli\u003eOffline updates are available, contact your Medtronic representative for more information.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic has deployed mitigating patches to address the reported vulnerabilities. Medtronic has also stated that they have increased security controls associated with these vulnerabilities. As a result of the available mitigating patches, Medtronic has re-enabled the network-based software update mechanism.\u003c/p\u003e\u003cp\u003eMedtronic has stated that the patch for affected products can be obtained by contacting Medtronic Technical Services at 800\u2011638\u20111991.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eAfter additional review and risk evaluation of the affected products, Medtronic has disabled the network-based software update mechanism, including both the VPN and the HTTP subservices, as an immediate security mitigation. Users should not attempt to update the affected products over the network as this update mechanism is vulnerable to the attack described in section 4.2.3. Medtronic will continue to implement and deploy increased security protections and mitigations to address the vulnerabilities in this advisory.\u003c/p\u003e\u003cp\u003eUsers should still obtain and apply updates via controlled USB dongles and should contact their Medtronic representative for more information.\u003c/p\u003e\u003cp\u003eMedtronic recommends that affected products continue to be used for their intended purpose in the previously described manner.\u003cbr\u003e\u003cbr\u003eMedtronic has released a security bulletin for the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003e2090 CareLink Programmer\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic has assessed the vulnerabilities and determined that no new potential safety risks were identified. In order to enhance system security, Medtronic has added periodic integrity checks for files associated with the software deployment network. Additionally, Medtronic has developed server-side security changes that further enhance security. Medtronic reports that they will not be issuing a product update; however, Medtronic has identified compensating controls within this advisory to reduce the risk of exploitation and reiterates the following from the CareLink 2090 Programmer Reference Manual:\n\n * Maintain good physical controls over the programmer. Having a secure physical environment prevents access to the internals of the programmer.\n * Only connect the programmer to managed, secure networks.\n * Update the software on the programmer when Medtronic updates are available.\n * Alternatively, disconnect the programmer from the network. Network connectivity is not required for normal programmer operation. \n * Offline updates are available, contact your Medtronic representative for more information.\n\n\nMedtronic has deployed mitigating patches to address the reported vulnerabilities. Medtronic has also stated that they have increased security controls associated with these vulnerabilities. As a result of the available mitigating patches, Medtronic has re-enabled the network-based software update mechanism.\n\nMedtronic has stated that the patch for affected products can be obtained by contacting Medtronic Technical Services at 800\u2011638\u20111991.\n\n\nAfter additional review and risk evaluation of the affected products, Medtronic has disabled the network-based software update mechanism, including both the VPN and the HTTP subservices, as an immediate security mitigation. Users should not attempt to update the affected products over the network as this update mechanism is vulnerable to the attack described in section 4.2.3. Medtronic will continue to implement and deploy increased security protections and mitigations to address the vulnerabilities in this advisory.\n\nUsers should still obtain and apply updates via controlled USB dongles and should contact their Medtronic representative for more information.\n\nMedtronic recommends that affected products continue to be used for their intended purpose in the previously described manner.\n\nMedtronic has released a security bulletin for the 2090 CareLink Programmer https://www.medtronic.com/security ."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-06-29T00:00:00",
"ID": "CVE-2018-10596",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic 2090 CareLink Programmer",
"version": {
"version_data": [
{
"version_value": "2090 CareLink Programmer, all versions."
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic 2090 CareLink Programmer all versions The affected product uses a virtual private network connection to securely download updates. The product does not verify it is still connected to this virtual private network before downloading updates. An attacker with local network access to the programmer could influence these communications."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER RESTRICTION OF COMMUNICATION CHANNEL TO INTENDED ENDPOINTS CWE-923"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-10596",
"datePublished": "2018-07-02T18:00:00Z",
"dateReserved": "2018-05-01T00:00:00",
"dateUpdated": "2025-05-22T17:36:04.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8870 (GCVE-0-2018-8870)
Vulnerability from cvelistv5 – Published: 2018-07-02 18:00 – Updated: 2025-05-22 18:10
VLAI?
Title
Medtronic MyCareLink Patient Monitor Use of Hard-coded Password
Summary
Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains a hard-coded operating system password. An attacker with physical access can remove the case of the device, connect to the debug port, and use the password to gain privileged access to the operating system.
Severity ?
6.4 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Medtronic | 24950 MyCareLink Monitor |
Affected:
All versions
|
|||||||
|
|||||||||
Credits
Peter Morgan of Clever Security reported this vulnerability
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:47.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-179-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "24950 MyCareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "24952 MyCareLink Monitor",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Morgan of Clever Security reported this vulnerability"
}
],
"datePublic": "2018-06-29T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains a hard-coded operating system password. An attacker with physical access can remove the case of the device, connect to the debug port, and use the password to gain privileged access to the operating system.\u003c/p\u003e"
}
],
"value": "Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains a hard-coded operating system password. An attacker with physical access can remove the case of the device, connect to the debug port, and use the password to gain privileged access to the operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T18:10:03.426Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-6-28-18.html"
},
{
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-179-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMedtronic will release several rolling over-the-air product updates that will mitigate the vulnerabilities described within this advisory. These updates will be applied to devices automatically as part of standard, reoccurring update processes. In addition, Medtronic has increased security monitoring of affected devices and related infrastructure. \u003c/span\u003e\n\n\u003c/div\u003e\n\n\u003cp\u003eMedtronic has released additional patient focused information, at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic will release several rolling over-the-air product updates that will mitigate the vulnerabilities described within this advisory. These updates will be applied to devices automatically as part of standard, reoccurring update processes. In addition, Medtronic has increased security monitoring of affected devices and related infrastructure. \n\n\n\n\n\nMedtronic has released additional patient focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"source": {
"advisory": "ICSMA-18-179-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic MyCareLink Patient Monitor Use of Hard-coded Password",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic recommends users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical controls over the home monitor as the best mitigation to these vulnerabilities. \u0026nbsp;\u003c/li\u003e\u003cli\u003eOnly use home monitors obtained directly from their healthcare provider or a Medtronic representative to ensure integrity of the system. \u003c/li\u003e\u003cli\u003eReport any concerning behavior regarding their home monitor to their healthcare provider or a Medtronic representative. \u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic has released additional patient focused information, at the following location:\u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic recommends users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Maintain good physical controls over the home monitor as the best mitigation to these vulnerabilities. \u00a0\n * Only use home monitors obtained directly from their healthcare provider or a Medtronic representative to ensure integrity of the system. \n * Report any concerning behavior regarding their home monitor to their healthcare provider or a Medtronic representative. \n\n\nMedtronic has released additional patient focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-06-29T00:00:00",
"ID": "CVE-2018-8870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Medtronic MyCareLink Patient Monitor",
"version": {
"version_data": [
{
"version_value": "24950 MyCareLink Monitor, all versions, 24952 MyCareLink Monitor, all versions."
}
]
}
}
]
},
"vendor_name": "ICS-CERT"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions contains a hard-coded operating system password. An attacker with physical access can remove the case of the device, connect to the debug port, and use the password to gain privileged access to the operating system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF HARD-CODED PASSWORD CWE-259"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-179-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-179-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-8870",
"datePublished": "2018-07-02T18:00:00Z",
"dateReserved": "2018-03-20T00:00:00",
"dateUpdated": "2025-05-22T18:10:03.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-8849 (GCVE-0-2018-8849)
Vulnerability from cvelistv5 – Published: 2018-05-18 13:00 – Updated: 2025-06-27 16:24
VLAI?
Title
Medtronic N'Vision Clinician Programmer Missing Encryption of Sensitive Data
Summary
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programme and 8870 N'Vision removable Application Card do not encrypt PII and PHI while at rest.
Severity ?
4.6 (Medium)
CWE
- CWE-311 - MISSING ENCRYPTION OF SENSITIVE DATA CWE-311
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Medtronic | N'Vision Clinician Programmer |
Affected:
all versions
|
|||||||
|
|||||||||
Credits
Billy Rios and Jonathan Butts of Whitescope LLC reported these vulnerabilities to CISA.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:10:45.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104213",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104213"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "N\u0027Vision Clinician Programmer",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "8870 N\u2019Vision removable Application Card",
"vendor": "Medtronic",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Billy Rios and Jonathan Butts of Whitescope LLC reported these vulnerabilities to CISA."
}
],
"datePublic": "2018-05-17T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic N\u0027Vision Clinician Programmer 8840 N\u0027Vision Clinician Programme and 8870 N\u0027Vision removable Application Card do not encrypt PII and PHI while at rest.\u003c/p\u003e"
}
],
"value": "Medtronic N\u0027Vision Clinician Programmer 8840 N\u0027Vision Clinician Programme and 8870 N\u0027Vision removable Application Card do not encrypt PII and PHI while at rest."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "MISSING ENCRYPTION OF SENSITIVE DATA CWE-311",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-27T16:24:54.910Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "104213",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104213"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-137-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf"
},
{
"url": "https://www.medtronic.com/security"
}
],
"source": {
"advisory": "ICSMA-18-137-01",
"discovery": "EXTERNAL"
},
"title": "Medtronic N\u0027Vision Clinician Programmer Missing Encryption of Sensitive Data",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMedtronic has not developed a product update to address the \nvulnerabilities, but is reinforcing security reminders within this \nadvisory to help reduce the risk associated with the vulnerabilities.\u003c/p\u003e\n\u003cp\u003eThe 8870 Therapy Application card stores PHI and PII as part of its \nnormal operating procedure and should be handled, managed and secured in\n a manner consistent with the applicable laws for patient data privacy.\u003c/p\u003e\n\u003cp\u003eMedtronic recommends users take additional defensive measures to \nminimize the risk of exploitation of these vulnerabilities. \nSpecifically, hospitals and clinicians should:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMaintain strict physical control of the 8870 application card.\u003c/li\u003e\n\u003cli\u003eUse only legitimately obtained 8870 cards and not cards provided by \nany third party as firmware and system updates are provided directly by \nMedtronic using new 8870 application cards.\u003c/li\u003e\n\u003cli\u003e8840 Programmers and 8870 Therapy Application compact flash cards \nare the property of Medtronic and should be returned to Medtronic when \nno longer in use. If that is not an option, you should securely dispose \nof them.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMedtronic has released additional patient focused information, at the following location:\u003c/p\u003e\n\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003ehttps://www.medtronic.com/security\u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Medtronic has not developed a product update to address the \nvulnerabilities, but is reinforcing security reminders within this \nadvisory to help reduce the risk associated with the vulnerabilities.\n\n\nThe 8870 Therapy Application card stores PHI and PII as part of its \nnormal operating procedure and should be handled, managed and secured in\n a manner consistent with the applicable laws for patient data privacy.\n\n\nMedtronic recommends users take additional defensive measures to \nminimize the risk of exploitation of these vulnerabilities. \nSpecifically, hospitals and clinicians should:\n\n\n\n * Maintain strict physical control of the 8870 application card.\n\n * Use only legitimately obtained 8870 cards and not cards provided by \nany third party as firmware and system updates are provided directly by \nMedtronic using new 8870 application cards.\n\n * 8840 Programmers and 8870 Therapy Application compact flash cards \nare the property of Medtronic and should be returned to Medtronic when \nno longer in use. If that is not an option, you should securely dispose \nof them.\n\n\n\n\nMedtronic has released additional patient focused information, at the following location:\n\n\n https://www.medtronic.com/security"
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-05-17T00:00:00",
"ID": "CVE-2018-8849",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "N\u0027Vision Clinician Programmer",
"version": {
"version_data": [
{
"version_value": "8840 N\u0027Vision Clinician Programmer, all versions"
},
{
"version_value": "8870 N\u0027Vision removable Application Card, all versions"
}
]
}
}
]
},
"vendor_name": "Medtronic"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic N\u0027Vision Clinician Programmer 8840 N\u0027Vision Clinician Programmer, all versions, and 8870 N\u0027Vision removable Application Card, all versions does not encrypt PII and PHI while at rest."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "MISSING ENCRYPTION OF SENSITIVE DATA CWE-311"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104213",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104213"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01"
},
{
"name": "http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf",
"refsource": "CONFIRM",
"url": "http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-8849",
"datePublished": "2018-05-18T13:00:00Z",
"dateReserved": "2018-03-20T00:00:00",
"dateUpdated": "2025-06-27T16:24:54.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}