exploitDog

CVE-2025-4395

Опубликовано: 24 июл. 2025

Источник: nvd

CVSS3: 6.8

EPSS Низкий

Описание

Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality.

This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025

Ссылки

https://global.medtronic.com/xg-en/product-security/security-bulletins.html

EPSS

Процентиль: 7%

0.00026

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-258

Связанные уязвимости

GHSA-rxfj-gvqj-6mmm

CVSS3: 6.8

github

7 месяцев назад

Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025

EPSS

Процентиль: 7%

0.00026

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-258