CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-18254

BIOTRONIK CardioMessenger II, The affected products do not encrypt sensitive information while at rest. An attacker with physical access to the CardioMessenger can disclose medical measurement data and the serial number from the implanted cardiac device the CardioMessenger is paired with.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.9%

CVSS Severity

CVSS v3 Score 4.6

CVSS v2 Score 2.1

References

https://www.us-cert.gov/ics/advisories/icsma-20-170-05
https://www.us-cert.gov/ics/advisories/icsma-20-170-05

Products affected by CVE-2019-18254

Biotronik » Cardiomessenger Ii-S Gsm » Version: N/A

cpe:2.3:h:biotronik:cardiomessenger_ii-s_gsm:-
Biotronik » Cardiomessenger Ii-S T-Line » Version: N/A

cpe:2.3:h:biotronik:cardiomessenger_ii-s_t-line:-
Biotronik » Cardiomessenger Ii-S Gsm Firmware » Version: 2.20

cpe:2.3:o:biotronik:cardiomessenger_ii-s_gsm_firmware:2.20
Biotronik » Cardiomessenger Ii-S T-Line Firmware » Version: 2.20

cpe:2.3:o:biotronik:cardiomessenger_ii-s_t-line_firmware:2.20

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-18254

Products

Pricing

Contact Us