Vulnerabilities > Medtronic > Mycarelink Smart Model 25000 Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-14	CVE-2020-27252	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Medtronic Mycarelink Smart Model 25000 Firmware Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. network high complexity medtronic CWE-367	8.1
2020-12-14	CVE-2020-25183	Improper Authentication vulnerability in Medtronic Mycarelink Smart Model 25000 Firmware Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the method used to auth between MCL Smart Patient Reader and MyCareLink Smart mobile app is vulnerable to bypass. low complexity medtronic CWE-287	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.