CVE Vulnerabilities

CVE-2022-32537

Protection Mechanism Failure

Published: Dec 12, 2022 | Modified: Nov 21, 2024
CVSS 3.x
4.8
MEDIUM
Source:
NVD
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced technical knowledge is required for exploitation. Please refer to the Medtronic Product Security Bulletin for guidance

Weakness

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

Affected Software

Name Vendor Start Version End Version
Guardian_link_2_transmitter_mmt-7730_firmware Medtronic - (including) - (including)

References