CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-10626

Medtronic MyCareLink Patient Monitor’s update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.7%

CVSS Severity

CVSS v3 Score 4.4

CVSS v2 Score 3.8

References

Products affected by CVE-2018-10626

Medtronic » Mycarelink 24950 Patient Monitor » Version: N/A

cpe:2.3:h:medtronic:mycarelink_24950_patient_monitor:-
Medtronic » Mycarelink 24952 Patient Monitor » Version: N/A

cpe:2.3:h:medtronic:mycarelink_24952_patient_monitor:-
Medtronic » Mycarelink 24950 Patient Monitor Firmware » Version: N/A

cpe:2.3:o:medtronic:mycarelink_24950_patient_monitor_firmware:-
Medtronic » Mycarelink 24952 Patient Monitor Firmware » Version: N/A

cpe:2.3:o:medtronic:mycarelink_24952_patient_monitor_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-10626

Products

Pricing

Contact Us