← volver
CVE-2018-10634

Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Cleartext Transmission of Sensitive Information

CVSS 4.8 MEDIUMEPSS 0.5%CWE-319
Communications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.
CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Productos afectados
Medtronic · MMT- 508 - MiniMed pumpMedtronic · MMT – 511 pump ParadigmMedtronic · MMT – 512 / MMT – 712 Paradigm x12Medtronic · MMT – 515 / MMT – 715 Paradigm x15Medtronic · MMT – 522(K) / MMT – 722(K) Paradigm REAL-TIMEMedtronic · MMT – 522 / MMT – 722 Paradigm REAL-TIMEMedtronic · MMT – 523(K) / MMT – 723(K) ParadigmMedtronic · MMT – 523 / MMT – 723 Paradigm RevelMedtronic · MMT – 551 / MMT – 751 MiniMed 530GMedtronic · MMT – 554 / MMT – 754 MiniMed Veo

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed.htmlhttps://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02http://www.securityfocus.com/bid/105044