240 matches found
CVE-2025-4386
Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal....
CVE-2025-4397 Medtronic MyCareLink Patient Monitor Data Encryption Weakness
Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...
CVE-2025-4397 Medtronic MyCareLink Patient Monitor Data Encryption Weakness
Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...
CVE-2025-4397
CVE-2025-4397 affects Medtronic MyCareLink Patient Monitor. The issue is that per‑product credentials are stored in a recoverable format, allowing an attacker to use these credentials to modify encrypted drive data. The description indicates physical access as the attack vector and a high impact ...
CVE-2025-4386 Medtronic MyCareLink Patient Monitor Hardware Debug Port
Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal....
CVE-2025-4386
CVE-2025-4386 concerns the Medtronic MyCareLink Patient Monitor, which exposes an internal serial interface that can be accessed by an attacker with physical access to reach a UART login prompt. The CVSSv3.1 vector (AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) yields a base score of 6.8 (MEDIUM). The att...
CVE-2025-4386 Medtronic MyCareLink Patient Monitor Hardware Debug Port
Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal....
Medtronic MyCareLink Patient Monitor 安全漏洞
Medtronic MyCareLink Patient Monitor is an open-source monitoring system developed by Medtronic in the United States. The Medtronic MyCareLink Patient Monitor has a security vulnerability, which stems from its internal serial interface. This vulnerability could allow attackers with physical acces...
Medtronic MyCareLink Patient Monitor 安全漏洞
Medtronic MyCareLink Patient Monitor is an open-source monitoring system developed by Medtronic in the United States. The Medtronic MyCareLink Patient Monitor has a security vulnerability, which stems from the use of product credentials stored in a recoverable format. This vulnerability could all...
PT-2026-38447
Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...
CVE-2018-10622
Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...
CVE-2018-10631
The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection...
CVE-2025-12997
Insecure Direct Object Reference vulnerability in Medtronic CareLink Network which allows an authenticated attacker with access to specific device and user information to submit web requests to an API endpoint that would expose sensitive user information. This issue affects CareLink Network: befo...
CVE-2025-12994
Medtronic CareLink Network allows an unauthenticated remote attacker to initiate a request for security questions to an API endpoint that could be used to determine a valid user account. This issue affects CareLink Network: before December 4, 2025...
CVE-2025-12997
Insecure Direct Object Reference vulnerability in Medtronic CareLink Network which allows an authenticated attacker with access to specific device and user information to submit web requests to an API endpoint that would expose sensitive user information. This issue affects CareLink Network: befo...
CVE-2025-12997
Insecure Direct Object Reference vulnerability in Medtronic CareLink Network which allows an authenticated attacker with access to specific device and user information to submit web requests to an API endpoint that would expose sensitive user information. This issue affects CareLink Network: befo...
EUVD-2025-201284
Insecure Direct Object Reference vulnerability in Medtronic CareLink Network which allows an authenticated attacker with access to specific device and user information to submit web requests to an API endpoint that would expose sensitive user information. This issue affects CareLink Network: befo...
EUVD-2025-201285
Medtronic CareLink Network allows an unauthenticated remote attacker to perform a brute force attack on an API endpoint that could be used to determine a valid password under certain circumstances. This issue affects CareLink Network: before December 4, 2025...
Medtronic CareLink Network 安全漏洞
Medtronic CareLink Network is an open source platform for remote monitoring of cardiac patients by Medtronic in the United States. A security vulnerability exists in versions of Medtronic CareLink Network prior to December 4, 2025, which stems from a brute force attack that can be performed by an...
PT-2025-49127
Name of the Vulnerable Software and Affected Versions Medtronic CareLink Network versions prior to December 4, 2025 Description An Insecure Direct Object Reference issue exists in Medtronic CareLink Network. An authenticated attacker, possessing access to specific device and user information, can...