CVE-2018-8868: Medtronic MyCareLink Patient Monitor Exposed Dangerous Method or Function

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-8868

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Medtronic MyCareLink Patient Monitor Exposed Dangerous Method or Function

Source: NVD (National Vulnerability Database)

Vulnerability Description

Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can exploit other vulnerabilities to access this debug functionality. This debug functionality provides the ability to read and write arbitrary memory values to implantable cardiac devices via inductive or short range wireless protocols. An attacker with close physical proximity to a target implantable cardiac device can use this debug functionality.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L

Source: NVD (National Vulnerability Database)

Vulnerability Type

暴露危险的方法或函数

Source: NVD (National Vulnerability Database)

Vulnerability Title

Medtronic MyCareLink Patient Monitor、24950 MyCareLink Monitor和24952 MyCareLink Monitor 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Medtronic MyCareLink Patient Monitor、24950 MyCareLink Monitor和24952 MyCareLink Monitor都是美国Medtronic公司的用于监测病人生命体征的监护仪设备。 Medtronic MyCareLink Patient Monitor、24950 MyCareLink Monitor所有版本和24952 MyCareLink Monitor所有版本中存在安全漏洞。物理位置临近的攻击者可利用该漏洞使用调试功能。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Medtronic	24950 MyCareLink Monitor	All versions	-
Medtronic	24952 MyCareLink Monitor	All versions	-

II. Public POCs for CVE-2018-8868

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-8868

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: 24950 MyCareLink Monitor

Same vendor: Medtronic

Same weakness: CWE-749

V. Comments for CVE-2018-8868

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2018-8868

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-8868

III. Intelligence Information for CVE-2018-8868

IV. Related Vulnerabilities

V. Comments for CVE-2018-8868

Leave a comment