The vulnerability of the Paceart Messaging Service in the Paceart Optima cardiac monitoring system allows a perpetrator to gain unauthorized access to read, modify, or delete data, execute arbitrary code, or trigger a service failure.

🗓️ 06 Jul 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Remote attacker exploits deserialization flaw in Paceart Messaging Service to read or modify data.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2023-31222	29 Jun 202320:14	–	circl
CNNVD	Medtronic Paceart Optima 代码问题漏洞	29 Jun 202300:00	–	cnnvd
CVE	CVE-2023-31222	29 Jun 202315:19	–	cve
Cvelist	CVE-2023-31222 Medtronic Paceart MSMQ Deserialization of Untrusted Data	29 Jun 202315:19	–	cvelist
ICS	Medtronic Paceart Optima System	29 Jun 202306:00	–	ics
Malwarebytes	Warning issued over vulnerability in cardiac device monitoring software	6 Jul 202303:00	–	malwarebytes
NVD	CVE-2023-31222	29 Jun 202316:15	–	nvd
OSV	CVE-2023-31222	29 Jun 202316:15	–	osv
Prion	Deserialization of untrusted data	29 Jun 202316:15	–	prion
Positive Technologies	PT-2023-3388 · Medtronic +1 · Paceart Optima +1	25 Apr 202300:00	–	ptsecurity

Vulners

Node

medtronic paceart_optimaRange≤1.11

Source	Link
global	www.global.medtronic.com/xg-en/product-security/security-bulletins/paceart-optima-system.html
vuldb	www.vuldb.com/ru/
web	www.web.nvd.nist.gov/view/vuln/detail

06 Jul 2023 00:00Current

8High risk

Vulners AI Score8

CVSS 39.8

CVSS 210

EPSS0.25503

Paceart Messaging Service Paceart Optima Deserialization flaw Unauthorized access Remote attacker Data reading Data modification Code execution Service failure