cbcvebase.

Medtronic Smart Model 25000 Patient Reader vulnerabilities

3 known vulnerabilities affecting medtronic/smart_model_25000_patient_reader.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2

Vulnerabilities

Page 1 of 1
CVE-2020-25187P2CRITICALCVSS 9.8vAll versions2020-12-14
CVE-2020-25187 [CRITICAL] CWE-122 CVE-2020-25187: Medtronic MyCareLink Smart 25000 is vulnerable when an authenticated attacker runs a debug comman Medtronic MyCareLink Smart 25000 is vulnerable when an authenticated attacker runs a debug command, which can be sent to the patient reader and cause a heap overflow event within the MCL Smart Patient Reader software stack. The heap overflow could allow an attacker to remotely execute code on the MCL Smart Patient Reader, potentially leading to cont
nvd
CVE-2020-27252P3HIGHCVSS 8.1vAll versions2020-12-14
CVE-2020-27252 [HIGH] CWE-367 CVE-2020-27252: Medtronic MyCareLink Smart 25000 is vulnerable to a race condition in the MCL Smart Patient Reader Medtronic MyCareLink Smart 25000 is vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited, an attacker could remotely execute code on the MCL Smart Patient Reader device, leading to control of the device.
nvd
CVE-2020-25183P3HIGHCVSS 8.8vAll versions2020-12-14
CVE-2020-25183 [HIGH] CWE-287 CVE-2020-25183: Medtronic MyCareLink Smart 25000 contains an authentication protocol vulnerability where the metho Medtronic MyCareLink Smart 25000 contains an authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app is vulnerable to bypass. This vulnerability enables an attacker to use another mobile device or malicious application on the patient’s smartphone to a
nvd
Medtronic Smart Model 25000 Patient Reader vulnerabilities | cvebase