Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2018-10634
HistoryAug 13, 2018 - 9:47 p.m.

CVE-2018-10634

2018-08-1321:47:59
CWE-319
[email protected]
web.nvd.nist.gov
29
cve-2018-10634
medtronic
insulin pump
communication
vulnerability
nvd

2.9 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:M/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.2%

JSON

Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G communications between the pump and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.

Affected configurations

NVD
Node
medtronicminimed_paradigm_revel_mmt-523k_firmwareMatch-
AND
medtronicminimed_paradigm_revel_mmt-523kMatch-
Node
medtronicminimed_paradigm_revel_mmt-723k_firmwareMatch-
AND
medtronicminimed_paradigm_revel_mmt-723kMatch-
Node
medtronicminimed_paradigm_revel_mmt-723_firmwareMatch-
AND
medtronicminimed_paradigm_revel_mmt-723Match-
Node
medtronicminimed_530g_mmt-551_firmwareMatch-
AND
medtronicminimed_530g_mmt-551Match-
Node
medtronicminimed_paradigm_real-time_mmt-522_firmwareMatch-
AND
medtronicminimed_paradigm_real-time_mmt-522Match-
Node
medtronicminimed_paradigm_real-time_mmt-722_firmwareMatch-
AND
medtronicminimed_paradigm_real-time_mmt-722Match-
Node
medtronicminimed_530g_mmt-751_firmwareMatch-
AND
medtronicminimed_530g_mmt-751Match-
Node
medtronicminimed_paradigm_revel_mmt-523_firmwareMatch-
AND
medtronicminimed_paradigm_revel_mmt-523Match-
Node
medtronicminimed_paradigm_508_insulin_pump_firmwareMatch-
AND
medtronicminimed_paradigm_508_insulin_pumpMatch-

CNA Affected

[
  {
    "product": "Medtronic insulin pump",
    "vendor": "ICS-CERT",
    "versions": [
      {
        "status": "affected",
        "version": "MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G"
      }
    ]
  }
]

Related

prion 1
nvd 1
cvelist 1
ics 1
prion
prion
Information disclosure
2018-08-13 21:47:00
nvd
nvd
CVE-2018-10634
2018-08-13 21:47:59
cvelist
cvelist
CVE-2018-10634
2018-08-08 00:00:00
ics
ics
Medtronic MiniMed MMT-500/MMT-503 Remote Controllers (Update A)
2021-10-05 12:00:00

2.9 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:M/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.2%

JSON
Related for CVE-2018-10634
prion1nvd1cvelist1ics1