CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-27264

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications use deterministic keys, which allows unauthenticated, physically proximate attackers to brute-force the keys via Bluetooth Low Energy.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.9%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 3.3

References

https://us-cert.cisa.gov/ics/advisories/icsma-21-012-01
https://us-cert.cisa.gov/ics/advisories/icsma-21-012-01

Products affected by CVE-2020-27264

Sooil » Anydana-A » Version: N/A

cpe:2.3:h:sooil:anydana-a:-
Sooil » Anydana-I » Version: N/A

cpe:2.3:h:sooil:anydana-i:-
Sooil » Diabecare Rs » Version: N/A

cpe:2.3:h:sooil:diabecare_rs:-
Sooil » Anydana-A Firmware » Version: Any

cpe:2.3:o:sooil:anydana-a_firmware:*
Sooil » Anydana-I Firmware » Version: Any

cpe:2.3:o:sooil:anydana-i_firmware:*
Sooil » Diabecare Rs Firmware » Version: Any

cpe:2.3:o:sooil:diabecare_rs_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-27264

Products

Pricing

Contact Us