Описание
BIOTRONIK CardioMessenger II, The affected products use individual per-device credentials that are stored in a recoverable format. An attacker with physical access to the CardioMessenger can use these credentials for network authentication and decryption of local data in transit.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:biotronik:cardiomessenger_ii-s_gsm_firmware:2.20:*:*:*:*:*:*:*
cpe:2.3:h:biotronik:cardiomessenger_ii-s_gsm:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:biotronik:cardiomessenger_ii-s_t-line_firmware:2.20:*:*:*:*:*:*:*
cpe:2.3:h:biotronik:cardiomessenger_ii-s_t-line:-:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00056
Низкий
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-257
CWE-522
Связанные уязвимости
github
больше 3 лет назад
BIOTRONIK CardioMessenger II, The affected products use individual per-device credentials that are stored in a recoverable format. An attacker with physical access to the CardioMessenger can use these credentials for network authentication and decryption of local data in transit.
EPSS
Процентиль: 18%
0.00056
Низкий
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-257
CWE-522