CVE-2018-8849
Medtronic N'Vision Clinician Programmer Missing Encryption of Sensitive Data
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programme and 8870 N'Vision removable Application Card do not encrypt PII and PHI while at rest.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Produtos afetados
Medtronic · 8870 N’Vision removable Application CardMedtronic · N'Vision Clinician ProgrammerQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-137-01https://www.medtronic.com/securityhttp://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdfhttp://www.securityfocus.com/bid/104213