Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-14781
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Authentication Bypass by Capture-replay
Source: NVD (National Vulnerability Database)
Vulnerability Description
Medtronic MiniMed MMT devices when paired with a remote controller and having the “easy bolus” and “remote bolus” options enabled (non-default), are vulnerable to a capture-replay attack. An attacker can capture the wireless transmissions between the remote controller and the pump and replay them to cause an insulin (bolus) delivery.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用捕获-重放进行的认证绕过
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Medtronic产品授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Medtronic MMT-508 MiniMed insulin pump等都是美国Medtronic公司的不同型号的胰岛素泵。 多款Medtronic产品中存在授权问题漏洞。在配对远程控制器并启用‘easy bolus’和‘remote bolus’选项时,攻击者可利用该漏洞捕获控制器和pump之间传递的信息并进行胰岛素注射。以下产品受到影响:Medtronic MMT - 508 MiniMed insulin pump;MMT - 522 Paradigm REAL-TIME;MMT - 722
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
MedtronicMMT- 508 - MiniMed pump All versions -
MedtronicMMT – 511 pump Paradigm All versions -
MedtronicMMT – 512 / MMT – 712 Paradigm x12 All versions -
MedtronicMMT – 515 / MMT – 715 Paradigm x15 All versions -
MedtronicMMT – 522 / MMT – 722 Paradigm REAL-TIME All versions -
MedtronicMMT – 522(K) / MMT – 722(K) Paradigm REAL-TIME All versions -
MedtronicMMT – 523 / MMT – 723 Paradigm Revel All versions -
MedtronicMMT – 523(K) / MMT – 723(K) Paradigm All versions -
MedtronicMMT – 554 / MMT – 754 MiniMed Veo All versions -
MedtronicMMT – 551 / MMT – 751 MiniMed 530G All versions -
II. Public POCs for CVE-2018-14781
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2018-14781
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: MMT- 508 - MiniMed pump
Same vendor: Medtronic
Same weakness: CWE-294
V. Comments for CVE-2018-14781

No comments yet

Leave a comment