Vulnerability: Insecure Storage of Per-Product Credentials in Medtronic MyCareLink Patient Monitor

Vulnerability: Insecure Storage of Per-Product Credentials in Medtronic MyCareLink Patient Monitor

CVE-2018-10622 · LOW Severity

AV:L/AC:M/AU:N/C:P/I:N/A:N

A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected products use per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest.

Learn more about our Network Penetration Testing.