CVE-2018-10631

Name of the Vulnerable Software and Affected Versions Medtronic N'Vision Clinician Programmer 8840, all versions Medtronic N'Vision removable Application Card 8870, all versions

Description The issue concerns the execution of application programs from the 8870 Application Card by the 8840 Clinician Programmer. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the card's contents, including binary executables. If the malicious code is designed to bypass protection mechanisms, it will be executed when the card is inserted into an 8840 Clinician Programmer.

Recommendations For Medtronic N'Vision Clinician Programmer 8840, all versions: Restrict physical access to the 8870 Application Card to prevent modification of its contents. For Medtronic N'Vision removable Application Card 8870, all versions: Avoid using modified or unverified Application Cards with the 8840 Clinician Programmer to minimize the risk of executing malicious code.