← back
CVE-2020-27272

CVE-2020-27272

EPSS 0.5%
SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A, The communication protocol of the insulin pump and AnyDana-i,AnyDana-A mobile apps doesn't use adequate measures to authenticate the pump before exchanging keys, which allows unauthenticated, physically proximate attackers to eavesdrop the keys and spoof the pump via BLE.
Affected products
n/a · SOOIL Developments CoLtd DiabecareRS,AnyDana-i,AnyDana-A

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://us-cert.cisa.gov/ics/advisories/icsma-21-012-01