Vulnerabilities > Medtronic > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-14 | CVE-2020-27252 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Medtronic Mycarelink Smart Model 25000 Firmware Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. | 9.3 |
2020-12-14 | CVE-2020-25187 | Out-of-bounds Write vulnerability in Medtronic Mycarelink Smart Model 25000 Firmware Medtronic MyCareLink Smart 25000 all versions are vulnerable when an attacker who gains auth runs a debug command, which is sent to the reader causing heap overflow in the MCL Smart Reader stack. | 10.0 |