Skip to main content

Mycarelink Smart Model 25000 Firmware

3 CVEs product

Monthly

CVE-2020-27252 HIGH This Week

Medtronic MyCareLink Smart 25000 is vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Mycarelink Smart Model 25000 Firmware
NVD
CVSS 3.1
8.1
EPSS
3.7%
CVE-2020-25187 CRITICAL Act Now

Medtronic MyCareLink Smart 25000 is vulnerable when an authenticated attacker runs a debug command, which can be sent to the patient reader and cause a heap overflow event within the MCL Smart. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Mycarelink Smart Model 25000 Firmware
NVD
CVSS 3.1
9.8
EPSS
3.8%
CVE-2020-25183 HIGH This Week

Medtronic MyCareLink Smart 25000 contains an authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mycarelink Smart Model 25000 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.8%
EPSS 4% CVSS 8.1
HIGH This Week

Medtronic MyCareLink Smart 25000 is vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Mycarelink Smart Model 25000 Firmware
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Medtronic MyCareLink Smart 25000 is vulnerable when an authenticated attacker runs a debug command, which can be sent to the patient reader and cause a heap overflow event within the MCL Smart. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Mycarelink Smart Model 25000 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Medtronic MyCareLink Smart 25000 contains an authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mycarelink Smart Model 25000 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy