Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. It has a statically coded initialization vector. Extraction of the initialization vector is necessary for deciphering communications between this application and the backend server. This, in combination with retrieving any user's encrypted data from the Ascensia cloud through another vulnerability, allows an attacker to obtain and modify any patient's medical information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Ascensia Diabetes Care Ascensia Contour NEXT ONE application 加密问题漏洞
Vulnerability Description
Ascensia Diabetes Care Ascensia Contour NEXT ONE application是美国Ascensia Diabetes Care公司的一款血糖仪管理应用程序。 基于Android平台的Ascensia Diabetes Care Ascensia Contour NEXT ONE应用程序2019-01-15之前版本中存在安全漏洞。攻击者可利用该漏洞获取并修改任意病人的病例信息。
CVSS Information
N/A
Vulnerability Type
N/A