Vulnerabilities > Alivecor
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-27 | CVE-2022-41627 | Cleartext Transmission of Sensitive Information vulnerability in Alivecor products The physical IoT device of the AliveCor's KardiaMobile, a smartphone-based personal electrocardiogram (EKG) has no encryption for its data-over-sound protocols. | 7.6 |
| 2022-10-26 | CVE-2022-40703 | Improper Authentication vulnerability in Alivecor Kardia 5.17.1754993421 CWE-302 Authentication Bypass by Assumed-Immutable Data in AliveCor Kardia App version 5.17.1-754993421 and prior on Android allows an unauthenticated attacker with physical access to the Android device containing the app to bypass application authentication and alter information in the app. | 6.1 |