PT-2019-13399 · Medtronic · Medtronic Valleylab Ft10 Energy Platform+1

Publicado

2019-11-08

Atualizado

2020-10-09

CVE-2019-13535

CVSS v3.1

4.6

Média

Vetor

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Medtronic Valleylab FT10 Energy Platform versions 2.1.0 and lower Medtronic Valleylab FT10 Energy Platform version 2.0.3 and lower Valleylab LS10 Energy Platform versions 1.20.2 and lower

Description The issue concerns the RFID security mechanism, which fails to apply read protection. This allows for full read access of the RFID security mechanism data.

Recommendations For Medtronic Valleylab FT10 Energy Platform versions 2.1.0 and lower, consider restricting access to the RFID security mechanism until a fix is available. For Medtronic Valleylab FT10 Energy Platform version 2.0.3 and lower, restrict access to the RFID security mechanism until a fix is available. For Valleylab LS10 Energy Platform versions 1.20.2 and lower, restrict access to the RFID security mechanism until a fix is available.

Correção

Incorrect Permission

Protection Mechanism Failure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-732CWE-693

Identificadores relacionados

CVE-2019-13535

Produtos afetados

Medtronic Valleylab Ft10 Energy Platform

Valleylab Ft10 Energy Platform

PT-2019-13399 · Medtronic · Medtronic Valleylab Ft10 Energy Platform+1

CVE-2019-13535

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5