CVE-2018-18975

2019-05-0619:09:02

mitre

www.cve.org

7.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.8%

JSON

An issue was discovered in the Ascensia Contour NEXT ONE app for iOS before 2019-01-15. An attacker may proxy communications between the app and Ascensia backend servers because of a weak certificate-pinning implementation, leading to disclosure of medical information.

References

depthsecurity.com/blog/medical-exploitation-you-are-now-diabetic