Vulnerabilities for N'vision 8870 firmware (Medtronic) - CXSECURITY.COM

Vulnerabilities for 'N'vision 8870 firmware'

2018-07-13

CVE-2018-10631

CWE-693

Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions. The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection mechanisms, this malicious code will be run when the card is inserted into an 8840 Clinician Programmer.

2018-05-18

CVE-2018-8849

CWE-310

Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions does not encrypt PII and PHI while at rest.

>>> Vendor: Medtronic 20 Products

Paradigm wireless insulin pump

2090 carelink programmer firmware

N'vision 8840 firmware

N'vision 8870 firmware

24950 mycarelink monitor firmware

24952 mycarelink monitor firmware

Mycarelink 24950 patient monitor firmware

Mycarelink 24952 patient monitor firmware

Minimed 530g mmt-551 firmware

Minimed 530g mmt-751 firmware

Minimed paradigm 508 insulin pump firmware

Minimed paradigm real-time mmt-522 firmware

Minimed paradigm real-time mmt-722 firmware

Minimed paradigm revel mmt-523 firmware

Minimed paradigm revel mmt-523k firmware

Minimed paradigm revel mmt-723 firmware

Minimed paradigm revel mmt-723k firmware

29901 encore programmer firmware

Carelink 2090 programmer firmware

Carelink 9790 programmer firmware

Copyright 2019, cxsecurity.com