12 matches found
EUVD-2025-209728
Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...
EUVD-2025-22528
Malicious code in bioql PyPI...
CVE-2025-4394
Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025...
CVE-2025-4395
Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025...
CVE-2025-4393
Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or elevate privileges. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before Jun...
CVE-2025-4395
Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025...
CVE-2025-4393
Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or elevate privileges. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before Jun...
CVE-2025-4395 Medtronic MyCareLink Patient Monitor Empty Password Vulnerability
Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025...
PT-2025-30630 · Medtronic · Mycarelink Patient Monitor
Name of the Vulnerable Software and Affected Versions: Medtronic MyCareLink Patient Monitor models 24950 and 24952 before June 25, 2025 Description: The Medtronic MyCareLink Patient Monitor contains a built-in user account with no password. This allows an attacker with physical access to log in...
PT-2025-30628 · Medtronic · Mycarelink Patient Monitor 24952 +1
Name of the Vulnerable Software and Affected Versions: Medtronic MyCareLink Patient Monitor models 24950 and 24952 before June 25, 2025 Description: The Medtronic MyCareLink Patient Monitor contains an internal service that deserializes data. A local attacker can interact with this service by...
PT-2025-30629 · Medtronic · Mycarelink Patient Monitor
Name of the Vulnerable Software and Affected Versions: Medtronic MyCareLink Patient Monitor versions 24950 and 24952 before June 25, 2025 Description: The Medtronic MyCareLink Patient Monitor utilizes an unencrypted filesystem on its internal storage. This allows an attacker with physical access ...
Medtronic MyCareLink 24950 Patient Monitor (Update A)
1. EXECUTIVE SUMMARY CVSS v3 4.9 Vendor: Medtronic Equipment: MyCareLink Patient Monitor Vulnerabilities: Insufficient Verification of Data Authenticity, Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow an attacker with...