Vulnerability Details CVE-2018-8849
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions does not encrypt PII and PHI while at rest.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.0%
CVSS Severity
CVSS v3 Score 4.6
CVSS v2 Score 2.1
References
- http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf
- http://www.securityfocus.com/bid/104213
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01
- http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf
- http://www.securityfocus.com/bid/104213
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01
Products affected by CVE-2018-8849
-
cpe:2.3:h:medtronic:n'vision_8840:-
-
cpe:2.3:h:medtronic:n'vision_8870:-
-
cpe:2.3:o:medtronic:n'vision_8840_firmware:-
-
cpe:2.3:o:medtronic:n'vision_8870_firmware:-