← volver
CVE-2022-32537

Medtronic MiniMed 600 Series Pump System Communication Issue

CVSS 4.8 MEDIUMEPSS 0.3%CWE-693
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.8EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
17 nov 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced technical knowledge is required for exploitation. Please refer to the Medtronic Product Security Bulletin for guidance
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Productos afectados
Medtronic · Minimed 600 Series Insulin Pump

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed-600-series-communication-issue.htmlhttps://www.cisa.gov/news-events/ics-medical-advisories/icsma-22-263-01https://www.cisa.gov/uscert/ics/advisories/icsma-22-263-01https://www.medtronic.com/en-us/e/product-security/security-bulletins/minimed-600-series-communication-issue.html