| |
Vulnerability CVE-2017-12714
Published: 2018-04-25
| Description: |
Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do not restrict or limit the number of correctly formatted "RF wake-up" commands that can be received, which may allow a nearby attacker to repeatedly send commands to reduce pacemaker battery life. CVSS v3 base score: 5.3, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H. Abbott has developed a firmware update to help mitigate the identified vulnerabilities. |
Type:
CWE-920
CVSS2 => (AV:A/AC:L/Au:N/C:N/I:N/A:C)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
6.1/10 |
6.9/10 |
6.5/10 |
| Exploit range |
Attack complexity |
Authentication |
Adjacent network |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
None |
Complete |
References: |
http://www.securityfocus.com/bid/100523
https://ics-cert.us-cert.gov/advisories/ICSMA-17-241-01
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
