Vulnerabilities > Medtronic > Mycarelink Smart Model 25000 Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-14	CVE-2020-27252	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Medtronic Mycarelink Smart Model 25000 Firmware Medtronic MyCareLink Smart 25000 is vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. network high complexity medtronic CWE-367	8.1
2020-12-14	CVE-2020-25183	Improper Authentication vulnerability in Medtronic Mycarelink Smart Model 25000 Firmware Medtronic MyCareLink Smart 25000 contains an authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app is vulnerable to bypass. low complexity medtronic CWE-287	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.