Vulnerabilities > Medtronic > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-03 | CVE-2018-8870 | Use of Hard-coded Credentials vulnerability in Medtronic products Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions contains a hard-coded operating system password. | 6.8 |
| 2018-07-03 | CVE-2018-8868 | Unspecified vulnerability in Medtronic products Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions, contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. high complexity medtronic | 6.4 |
| 2018-05-18 | CVE-2018-8849 | Missing Encryption of Sensitive Data vulnerability in Medtronic N'Vision 8840 Firmware and N'Vision 8870 Firmware Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions does not encrypt PII and PHI while at rest. | 4.6 |
| 2018-05-04 | CVE-2018-5448 | Path Traversal vulnerability in Medtronic 2090 Carelink Programmer Firmware All versions of the Medtronic 2090 Carelink Programmer are affected by a directory traversal vulnerability where the product's software deployment network could allow an attacker to read files on the system. | 5.7 |
| 2018-05-04 | CVE-2018-5446 | Insufficiently Protected Credentials vulnerability in Medtronic 2090 Carelink Programmer Firmware All versions of the Medtronic 2090 Carelink Programmer are affected by a per-product username and password that is stored in a recoverable format which could allow an attacker with physical access to a 2090 Programmer to obtain per-product credentials to the software deployment network. | 5.3 |