github - ghsa-7j5v-9v3j-phg6

GHSA-7J5V-9V3J-PHG6

Vulnerability from github – Published: 2022-05-24 22:28 – Updated: 2025-05-22 21:30

Details

Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the method used to auth between MCL Smart Patient Reader and MyCareLink Smart mobile app is vulnerable to bypass. This vuln allows attacker to use other mobile device or malicious app on smartphone to auth to the patient’s Smart Reader, fools the device into thinking its communicating with the actual smart phone application when executed in range of Bluetooth.

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-25183"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-12-14T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the method used to auth between MCL Smart Patient Reader and MyCareLink Smart mobile app is vulnerable to bypass. This vuln allows attacker to use other mobile device or malicious app on smartphone to auth to the patient\u2019s Smart Reader, fools the device into thinking its communicating with the actual smart phone application when executed in range of Bluetooth.",
  "id": "GHSA-7j5v-9v3j-phg6",
  "modified": "2025-05-22T21:30:31Z",
  "published": "2022-05-24T22:28:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25183"
    },
    {
      "type": "WEB",
      "url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-smart-security-vulnerability-patch.html"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-345-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2020-25183 (GCVE-0-2020-25183)

Vulnerability from cvelistv5 – Published: 2020-12-14 19:18 – Updated: 2025-05-22 19:34

Summary

Medtronic MyCareLink Smart 25000 contains an authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app is vulnerable to bypass. This vulnerability enables an attacker to use another mobile device or malicious application on the patient’s smartphone to authenticate to the patient’s Medtronic Smart Reader, fooling the device into believing it is communicating with the original Medtronic smart phone application when executed within range of Bluetooth communication.

Severity ?

8 (High)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-287 - Improper Authentication

Assigner

icscert

References

URL

Tags

	https://global.medtronic.com/xg-en/product-securi…	x_refsource_MISC
	https://www.cisa.gov/news-events/ics-medical-advi…

Impacted products

	Vendor	Product	Version
	Medtronic	Smart Model 25000 Patient Reader	Affected: All versions

Credits

Sternum, based in Tel Aviv, Israel, discovered and initially reported these vulnerabilities to Medtronic. Eric Gustafson, Sara Rampazzi, Paul Grosen, Christopher Kruegel, and Giovanni Vigna from the University of California Santa Barbara, University of Florida, and University of Michigan

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:26:09.773Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Smart Model 25000 Patient Reader",
          "vendor": "Medtronic",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Sternum, based in Tel Aviv, Israel, discovered and initially reported these vulnerabilities to Medtronic."
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Eric Gustafson, Sara Rampazzi, Paul Grosen, Christopher Kruegel, and Giovanni Vigna from the University of California Santa Barbara, University of Florida, and University of Michigan"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMedtronic MyCareLink Smart 25000 contains \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ean authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app is vulnerable to bypass. This vulnerability enables an attacker to use another mobile device or malicious application on the patient\u2019s smartphone to authenticate to the patient\u2019s Medtronic Smart Reader, fooling the device into believing it is communicating with the original Medtronic smart phone application when executed within range of Bluetooth communication.\u003c/span\u003e\n\n\u003c/p\u003e"
            }
          ],
          "value": "Medtronic MyCareLink Smart 25000 contains \n\nan authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app is vulnerable to bypass. This vulnerability enables an attacker to use another mobile device or malicious application on the patient\u2019s smartphone to authenticate to the patient\u2019s Medtronic Smart Reader, fooling the device into believing it is communicating with the original Medtronic smart phone application when executed within range of Bluetooth communication."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287 Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-22T19:34:29.069Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-smart-security-vulnerability-patch.html"
        },
        {
          "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-345-01"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.\u003c/p\u003e\u003cp\u003eMedtronic has released additional \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003epatient focused information\u003c/a\u003e: \u003c/p\u003e\u003cp\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/xg-en/product-security/security-bulletins.html\"\u003ehttps://www.medtronic.com/xg-en/product-security/security-bulletins.html \u003c/a\u003e\u003c/p\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "A firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.\n\nMedtronic has released additional  patient focused information https://www.medtronic.com/security : \n\n https://www.medtronic.com/xg-en/product-security/security-bulletins.html  https://www.medtronic.com/xg-en/product-security/security-bulletins.html"
        }
      ],
      "source": {
        "advisory": "ICSMA-20-345-01",
        "discovery": "EXTERNAL"
      },
      "title": "Medtronic MyCareLink Smart Improper Authentication",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIn response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMedtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.\u003c/li\u003e\u003cli\u003eMedtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eMedtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMaintain good physical control over home monitors.\u003cul\u003e\u003cli\u003eThis includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003cli\u003eUse only home monitors obtained directly from your healthcare provider or a Medtronic representative.\u003c/li\u003e\u003cli\u003ePatients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.\u003c/p\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "In response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:\n\n  *  Medtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.\n  *  Medtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.\n\n\nMedtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:\n\n  *  Maintain good physical control over home monitors.  *  This includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\n\n\n\n  *  Use only home monitors obtained directly from your healthcare provider or a Medtronic representative.\n  *  Patients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.\n\n\nReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2020-25183",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Medtronic MyCareLink Smart 25000 Reader",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Smart 25000 all versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the method used to auth between MCL Smart Patient Reader and MyCareLink Smart mobile app is vulnerable to bypass. This vuln allows attacker to use other mobile device or malicious app on smartphone to auth to the patient\u2019s Smart Reader, fools the device into thinking its communicating with the actual smart phone application when executed in range of Bluetooth."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "IMPROPER AUTHENTICATION CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2020-25183",
    "datePublished": "2020-12-14T19:18:44",
    "dateReserved": "2020-09-04T00:00:00",
    "dateUpdated": "2025-05-22T19:34:29.069Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-7J5V-9V3J-PHG6

CVE-2020-25183 (GCVE-0-2020-25183)

Tags

Sightings

Nomenclature