Skip to main content

Blood Glucose Monitoring System Model No Apg 01 Bt

2 CVEs product

Monthly

CVE-2026-50034 HIGH CISA Act Now

Cleartext Bluetooth Low Energy transmission in the Apollo Pharmacy Blood Glucose Monitoring System (Model APG-01 BT) allows an attacker within BLE radio range to passively sniff wireless traffic and recover patient glucose readings and related health data. The flaw is a CWE-319 cleartext-transmission issue affecting a consumer medical device, disclosed via CISA ICS-CERT advisory ICSMA-26-169-01. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Information Disclosure Blood Glucose Monitoring System Model No Apg 01 Bt
NVD GitHub
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-52866 HIGH CISA Act Now

Denial-of-service in the Apollo Pharmacy Blood Glucose Monitoring System (model APG-01 BT) allows an attacker within Bluetooth Low Energy radio range to seize the device's single BLE connection slot, blocking the legitimate patient app or clinician from pairing and reading glucose measurements. The flaw is rooted in missing authorization (CWE-862) on connection acceptance and was disclosed through CISA's ICS Medical advisory ICSMA-26-169-01. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Authentication Bypass Blood Glucose Monitoring System Model No Apg 01 Bt
NVD GitHub
CVSS 4.0
7.1
EPSS
0.2%
EPSS 0% CVSS 7.1
HIGH Act Now

Cleartext Bluetooth Low Energy transmission in the Apollo Pharmacy Blood Glucose Monitoring System (Model APG-01 BT) allows an attacker within BLE radio range to passively sniff wireless traffic and recover patient glucose readings and related health data. The flaw is a CWE-319 cleartext-transmission issue affecting a consumer medical device, disclosed via CISA ICS-CERT advisory ICSMA-26-169-01. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Information Disclosure Blood Glucose Monitoring System Model No Apg 01 Bt
NVD GitHub
EPSS 0% CVSS 7.1
HIGH Act Now

Denial-of-service in the Apollo Pharmacy Blood Glucose Monitoring System (model APG-01 BT) allows an attacker within Bluetooth Low Energy radio range to seize the device's single BLE connection slot, blocking the legitimate patient app or clinician from pairing and reading glucose measurements. The flaw is rooted in missing authorization (CWE-862) on connection acceptance and was disclosed through CISA's ICS Medical advisory ICSMA-26-169-01. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Authentication Bypass Blood Glucose Monitoring System Model No Apg 01 Bt
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy