← back
CVE-2019-18254

CVE-2019-18254

EPSS 0.2%CWE-311
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
29 Jun 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
BIOTRONIK CardioMessenger II, The affected products do not encrypt sensitive information while at rest. An attacker with physical access to the CardioMessenger can disclose medical measurement data and the serial number from the implanted cardiac device the CardioMessenger is paired with.
Affected products
n/a · BIOTRONIK CardioMessenger II-S T-Line, CardioMessenger II-S GSM

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.us-cert.gov/ics/advisories/icsma-20-170-05