Vulnerabilities > CVE-2020-8997 - Out-of-bounds Write vulnerability in Abbott Freestyle Libre Firmware

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

abbott

CWE-787

NVD

Published: 2020-02-16

Updated: 2020-02-28

Summary

Older generation Abbott FreeStyle Libre sensors allow remote attackers within close proximity to enable write access to memory via a specific NFC unlock command. NOTE: The vulnerability is not present in the FreeStyle Libre 14-day in the U.S (announced in August 2018) and FreeStyle Libre 2 outside the U.S (announced in October 2018).

Vulnerable Configurations

Part	Description	Count
OS	Abbott Abbott Freestyle Libre Firmware -	1
Hardware	Abbott Abbott Freestyle Libre -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://fortiguard.com/zeroday/FG-VD-19-112