Vulnerability Details CVE-2020-27270
SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communication protocol of the insulin pump & AnyDana-i,AnyDana-A mobile apps doesnt use adequate measures to protect encryption keys in transit which allows unauthenticated physically proximate attacker to sniff keys via (BLE).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.6%
CVSS Severity
CVSS v3 Score 5.7
CVSS v2 Score 2.9
References
Products affected by CVE-2020-27270
-
cpe:2.3:h:sooil:anydana-a:-
-
cpe:2.3:h:sooil:anydana-i:-
-
cpe:2.3:h:sooil:diabecare_rs:-
-
cpe:2.3:o:sooil:anydana-a_firmware:*
-
cpe:2.3:o:sooil:anydana-i_firmware:*
-
cpe:2.3:o:sooil:diabecare_rs_firmware:*