Skip to main content

Apollo Blood Glucose Monitor CVE-2026-50034

| EUVDEUVD-2026-37971 HIGH
Cleartext Transmission of Sensitive Information (CWE-319)
2026-06-18 icscert GHSA-cmv8-9pgg-5rx4
7.1
CVSS 4.0 · Vendor: icscert
Share

Severity by source

Vendor (icscert) PRIMARY
7.1 MEDIUM
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
6.5 MEDIUM

Adjacent BLE radio attack with no privileges or interaction; passive sniffing of unencrypted health data yields high confidentiality impact only, no integrity or availability effect.

3.1 AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.0 AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (icscert).

CVSS VectorVendor: icscert

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
Jun 19, 2026 - 00:32 vuln.today
Severity Changed
Jun 19, 2026 - 00:22 NVD
MEDIUM HIGH
CVSS changed
Jun 19, 2026 - 00:22 NVD
6.5 (MEDIUM) 7.1 (HIGH)

DescriptionCVE.org

An attacker within BLE communication range can passively intercept wireless traffic and obtain sensitive health-related information, including glucose measurement values.

AnalysisAI

Cleartext Bluetooth Low Energy transmission in the Apollo Pharmacy Blood Glucose Monitoring System (Model APG-01 BT) allows an attacker within BLE radio range to passively sniff wireless traffic and recover patient glucose readings and related health data. The flaw is a CWE-319 cleartext-transmission issue affecting a consumer medical device, disclosed via CISA ICS-CERT advisory ICSMA-26-169-01. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Position within BLE range of victim
Delivery
Passively sniff BLE advertisements and GATT traffic
Exploit
Capture cleartext glucose measurement packets
Execution
Parse health data from unencrypted payload
Impact
Exfiltrate or exploit patient data

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to be within BLE radio range (AV:A) of an APG-01 BT meter while the meter is actively transmitting a reading to its paired phone, and that the device is operated in its default configuration where measurement values are sent over BLE without link-layer or application-layer encryption. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The signals are internally consistent but moderate. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker sits within roughly 10-30 meters of a patient using the APG-01 BT meter - for example in a clinic waiting room, on public transit, or in an adjacent apartment - and runs a passive BLE sniffer such as Sniffle on an nRF52840 dongle to capture advertising and GATT traffic. Because measurement values are transmitted without encryption, the captured packets directly reveal glucose readings and associated metadata, enabling targeted privacy violation, insurance/employment discrimination, or stalking of a specific individual. …
Remediation No vendor-released patch identified at time of analysis; consult CISA ICSMA-26-169-01 (https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-169-01) and contact Apollo Pharmacy via https://www.apollopharmacy.in/contact-us for firmware status. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Conduct inventory of all APG-01 BT devices in clinical use and identify affected patient populations; escalate to compliance and risk management. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-50034 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy