Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Medtronic MyCareLink Smart Time-of-check Time-of-use Race Condition
Vulnerability Description
Medtronic MyCareLink Smart 25000 is vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited, an attacker could remotely execute code on the MCL Smart Patient Reader device, leading to control of the device.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Vulnerability Title
Medtronic MyCareLink Smart Model 25000 Patient Reader 输入验证错误漏洞
Vulnerability Description
Medtronic MyCareLink Smart Model 25000 Patient Reader是印度Medtronic公司的一个用于医疗行业可与医疗设备进行可视化交互的阅读器。 MCL Smart Patient Reader 存在输入验证错误漏洞,该漏洞源于容易出现竞争状况Patient Reader软件更新系统,允许未签名的固件在患者阅读器上上传并执行。 攻击者可能在设备上远程执行代码,从而导致设备控制。
CVSS Information
N/A
Vulnerability Type
N/A