CVE-2020-8997

Опубликовано: 16 фев. 2020

Источник: nvd

CVSS3: 8.8

CVSS2: 5.8

EPSS Низкий

Описание

Older generation Abbott FreeStyle Libre sensors allow remote attackers within close proximity to enable write access to memory via a specific NFC unlock command. NOTE: The vulnerability is not present in the FreeStyle Libre 14-day in the U.S (announced in August 2018) and FreeStyle Libre 2 outside the U.S (announced in October 2018).

Ссылки

https://fortiguard.com/zeroday/FG-VD-19-112
Third Party Advisory
https://fortiguard.com/zeroday/FG-VD-19-112
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:abbott:freestyle_libre_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:abbott:freestyle_libre:-:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00555

Низкий

8.8 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-58mq-67r3-jpgf

github

больше 3 лет назад

Abbott FreeStyle Libre 14-day before February 2020 and FreeStyle Libre 2 before February 2020 allow remote attackers to enable write access via a specific NFC unlock command.