github - ghsa-fxw8-j27m-3752

GHSA-FXW8-J27M-3752

Vulnerability from github – Published: 2022-05-13 01:34 – Updated: 2025-05-22 18:31

Details

Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G communications between the pump and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.

Severity ?

5.3 (Medium)


                  
                    CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-10634"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-319"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-08-13T21:47:00Z",
    "severity": "MODERATE"
  },
  "details": "Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G communications between the pump and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.",
  "id": "GHSA-fxw8-j27m-3752",
  "modified": "2025-05-22T18:31:09Z",
  "published": "2022-05-13T01:34:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10634"
    },
    {
      "type": "WEB",
      "url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed.html"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105044"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2018-10634 (GCVE-0-2018-10634)

Vulnerability from cvelistv5 – Published: 2018-08-13 22:00 – Updated: 2025-05-22 16:28

Summary

Communications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.

Severity ?

4.8 (Medium)


                        
                          CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE

CWE-319 - Cleartext Transmission of Sensitive Information

Assigner

icscert

References

URL

Tags

	https://global.medtronic.com/xg-en/product-securi…
	https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02
	http://www.securityfocus.com/bid/105044	vdb-entry

Impacted products

Vendor

Product

Version

Medtronic

MMT- 508 - MiniMed pump

Affected: All versions

Medtronic	MMT – 511 pump Paradigm	Affected: All versions
Medtronic	MMT – 512 / MMT – 712 Paradigm x12	Affected: All versions
Medtronic	MMT – 515 / MMT – 715 Paradigm x15	Affected: All versions
Medtronic	MMT – 522 / MMT – 722 Paradigm REAL-TIME	Affected: All versions
Medtronic	MMT – 522(K) / MMT – 722(K) Paradigm REAL-TIME	Affected: All versions
Medtronic	MMT – 523 / MMT – 723 Paradigm Revel	Affected: All versions
Medtronic	MMT – 523(K) / MMT – 723(K) Paradigm	Affected: All versions
Medtronic	MMT – 554 / MMT – 754 MiniMed Veo	Affected: All versions
Medtronic	MMT – 551 / MMT – 751 MiniMed 530G	Affected: All versions

Credits

Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities to CISA.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:46:46.358Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"
          },
          {
            "name": "105044",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105044"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MMT- 508 - MiniMed pump",
          "vendor": "Medtronic",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MMT \u2013 511 pump Paradigm",
          "vendor": "Medtronic",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MMT \u2013 512 / MMT \u2013 712 Paradigm x12",
          "vendor": "Medtronic",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MMT \u2013 515 / MMT \u2013 715 Paradigm x15",
          "vendor": "Medtronic",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MMT \u2013 522 / MMT \u2013 722 Paradigm REAL-TIME",
          "vendor": "Medtronic",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MMT \u2013 522(K) / MMT \u2013 722(K) Paradigm REAL-TIME",
          "vendor": "Medtronic",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MMT \u2013 523 / MMT \u2013 723 Paradigm Revel",
          "vendor": "Medtronic",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MMT \u2013 523(K) / MMT \u2013 723(K) Paradigm",
          "vendor": "Medtronic",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MMT \u2013 554 / MMT \u2013 754 MiniMed Veo",
          "vendor": "Medtronic",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "MMT \u2013 551 / MMT \u2013 751 MiniMed 530G",
          "vendor": "Medtronic",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities to CISA."
        }
      ],
      "datePublic": "2018-08-08T06:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCommunications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.\u003c/span\u003e\n\n\u003c/p\u003e"
            }
          ],
          "value": "Communications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-319",
              "description": "CWE-319 Cleartext Transmission of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-22T16:28:03.155Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed.html"
        },
        {
          "name": "105044",
          "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"
        },
        {
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/105044"
        }
      ],
      "source": {
        "advisory": "ICSMA-18-219-02",
        "discovery": "EXTERNAL"
      },
      "title": "Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Cleartext Transmission of Sensitive Information",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe remote option is turned off in the pump by default. \u0026nbsp;\u003c/p\u003e\u003cp\u003eMedtronic is directing all users to stop using their remote controllers, disable the remote option on their insulin pump, and to return the remote controllers to Medtronic. \u003c/p\u003e\u003cp\u003eMedtronic has released \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\"\u003eadditional patient focused information\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eAdditionally, Medtronic will be sending a letter to patients who may still be actively using the remotes in order to inform patients about these security risks, and request patients stop using the remote and return them to Medtronic. \u003c/p\u003e"
            }
          ],
          "value": "The remote option is turned off in the pump by default. \u00a0\n\nMedtronic is directing all users to stop using their remote controllers, disable the remote option on their insulin pump, and to return the remote controllers to Medtronic. \n\nMedtronic has released  additional patient focused information https://www.medtronic.com/security .\n\nAdditionally, Medtronic will be sending a letter to patients who may still be actively using the remotes in order to inform patients about these security risks, and request patients stop using the remote and return them to Medtronic."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2018-08-08T00:00:00",
          "ID": "CVE-2018-10634",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Medtronic insulin pump",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ICS-CERT"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G communications between the pump and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"
            },
            {
              "name": "105044",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105044"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2018-10634",
    "datePublished": "2018-08-13T22:00:00Z",
    "dateReserved": "2018-05-01T00:00:00",
    "dateUpdated": "2025-05-22T16:28:03.155Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-FXW8-J27M-3752

CVE-2018-10634 (GCVE-0-2018-10634)

Tags

Sightings

Nomenclature