A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected products use per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/105042 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01 | Third Party Advisory US Government Resource |
http://www.securityfocus.com/bid/105042 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
21 Nov 2024, 03:41
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/105042 - Third Party Advisory, VDB Entry | |
References | () https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01 - Third Party Advisory, US Government Resource |
Information
Published : 2018-08-10 18:29
Updated : 2024-11-21 03:41
NVD link : CVE-2018-10622
Mitre link : CVE-2018-10622
CVE.ORG link : CVE-2018-10622
JSON object : View
Products Affected
medtronic
- mycarelink_24950_patient_monitor
- mycarelink_24952_patient_monitor
- mycarelink_24952_patient_monitor_firmware
- mycarelink_24950_patient_monitor_firmware