Vulnerabilities > Medtronic > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-07-03 CVE-2018-8870 Use of Hard-coded Credentials vulnerability in Medtronic products
Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains a hard-coded operating system password.
low complexity
medtronic CWE-798
6.8
6.8
2018-07-03 CVE-2018-8868 Unspecified vulnerability in Medtronic products
Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device.
high complexity
medtronic
6.4
6.4
2018-05-18 CVE-2018-8849 Missing Encryption of Sensitive Data vulnerability in Medtronic N'Vision 8840 Firmware and N'Vision 8870 Firmware
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions does not encrypt PII and PHI while at rest.
low complexity
medtronic CWE-311
4.6
4.6
2018-05-04 CVE-2018-5448 Path Traversal vulnerability in Medtronic 2090 Carelink Programmer Firmware
Medtronic 2090 CareLink Programmer’s software deployment network contains a directory traversal vulnerability that could allow an attacker to read files on the system.
low complexity
medtronic CWE-22
5.7
5.7
2018-05-04 CVE-2018-5446 Insufficiently Protected Credentials vulnerability in Medtronic 2090 Carelink Programmer Firmware
Medtronic 2090 CareLink Programmer uses a per-product username and password that is stored in a recoverable format.
low complexity
medtronic CWE-522
5.3
5.3