Security News > 2020 > February > Medtronic Patches Implanted Device, CareLink Programmer Bugs

Medtronic Patches Implanted Device, CareLink Programmer Bugs
2020-02-04 17:53

The medical device giant said in an advisory last week that at issue is the proprietary Medtronic Conexus radio frequency wireless telemetry protocol that the devices use for remote monitoring of a patient's implanted cardiac device.

While most of the affected products are still awaiting fixes, Medtronic has now issued patches for all models of the Brava and Viva lines of CRT-D devices; and bugs in the Evera, Evera MRI, Mirro MRI and Primo MRI lines of ICDs.

It should be noted that Conexus telemetry is not used in other common Medtronic devices, such as pacemakers, CareLink Express monitors and the CareLink Encore programmers used by hospitals and clinics.

Medtronic's CareLink 2090 CareLink Encore 29901 programmers are used for programming, testing and evaluating "Cardiac implantable electrophysiology devices," a.k.a. CIEDs.

The SDN is "a worldwide network hosted by Medtronic that allows the download of new or updated software to Medtronic's CareLink 2090 and CareLink Encore 29901 programmers using a network connection," according to the updated advisory, issued last week.


News URL

https://threatpost.com/medtronic-patches-implanted-device-carelink/152533/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Medtronic 101 0 15 8 1 24