14 matches found
EUVD-2020-19765
Malware in sbrugna...
EUVD-2020-17878
Malware in sbrugna...
EUVD-2020-17874
Malware in sbrugna...
CVE-2020-25183
Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the method used to auth between MCL Smart Patient Reader and MyCareLink Smart mobile app is vulnerable to bypass. This vuln allows attacker to use other mobile device or malicious app on smartphone to auth...
CVE-2020-25187
Medtronic MyCareLink Smart 25000 is vulnerable when an authenticated attacker runs a debug command, which can be sent to the patient reader and cause a heap overflow event within the MCL Smart Patient Reader software stack. The heap overflow could allow an attacker to remotely execute code on the...
Design/Logic Flaw
Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the method used to auth between MCL Smart Patient Reader and MyCareLink Smart mobile app is vulnerable to bypass. This vuln allows attacker to use other mobile device or malicious app on smartphone to auth...
Race condition
Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited an attacker could remotely execute code on the MCL Smart Patient...
Design/Logic Flaw
Medtronic MyCareLink Smart 25000 all versions are vulnerable when an attacker who gains auth runs a debug command, which is sent to the reader causing heap overflow in the MCL Smart Reader stack. A heap overflow allows attacker to remotely execute code on the MCL Smart Reader, could lead to contr...
CVE-2020-27252 Medtronic MyCareLink Smart Time-of-check Time-of-use Race Condition
Medtronic MyCareLink Smart 25000 is vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited, an attacker could remotely execute code on the MCL Smart Patient Reader device...
CVE-2020-27252
CVE-2020-27252 affects Medtronic MyCareLink Smart 25000 Patient Reader. A race condition in the MCL Smart Patient Reader software update system can allow unsigned firmware to be uploaded and executed, potentially enabling remote code execution and control of the paired device. Mitigations documen...
CVE-2020-25187
CVE-2020-25187 affects Medtronic MyCareLink Smart 25000 Patient Reader. The vulnerability is a heap-based buffer overflow in the MCL Smart Patient Reader software stack triggered when an authenticated attacker issues a debug command, potentially allowing remote code execution and device control. ...
CVE-2020-25183 Medtronic MyCareLink Smart Improper Authentication
Medtronic MyCareLink Smart 25000 contains an authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app is vulnerable to bypass. This vulnerability enables an attacker to use another mobile device ...
CVE-2020-25183
CVE-2020-25183 affects Medtronic MyCareLink Smart 25000; root cause is an authentication bypass between the MCL Smart Patient Reader and the MyCareLink Smart mobile app (CWE-287). Impact is authenticated access within Bluetooth range, allowing an attacker on a nearby device to fool the reader int...
Medtronic MyCareLink Smart Model 25000 Patient Reader Buffer Error Vulnerability
The Medtronic MyCareLink Smart Model 25000 Patient Reader is a reader used in the healthcare industry to visually interact with medical devices from Medtronic, Inc. The Medtronic MyCareLink Smart Model 25000 Patient Reader suffers from a buffer error vulnerability that stems from the susceptibili...