Vulnerability Details CVE-2017-12712
The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF communications. CVSS v3 base score: 7.5, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. Abbott has developed a firmware update to help mitigate the identified vulnerabilities.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 72.0%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 8.3
References
Products affected by CVE-2017-12712
-
cpe:2.3:h:abbott:accent:-
-
cpe:2.3:h:abbott:accent_mri:-
-
cpe:2.3:h:abbott:accent_st:-
-
cpe:2.3:h:abbott:allure:-
-
cpe:2.3:h:abbott:anthem:-
-
cpe:2.3:h:abbott:assurity:-
-
cpe:2.3:h:abbott:assurity_mri:-
-
cpe:2.3:o:abbott:accent_firmware:*
-
cpe:2.3:o:abbott:accent_mri_firmware:*
-
cpe:2.3:o:abbott:accent_st_firmware:*
-
cpe:2.3:o:abbott:allure_firmware:*
-
cpe:2.3:o:abbott:anthem_firmware:*
-
cpe:2.3:o:abbott:assurity_firmware:*
-
cpe:2.3:o:abbott:assurity_mri_firmware:*