Ionut Cernica

**Name of the Vulnerable Software and Affected Versions** Medtronic CareLink Network versions prior to December 4, 2025 **Description** An Insecure Direct Object Reference issue exists in Medtronic CareLink Network. An authenticated attacker, possessing access to specific device and user information, can submit web requests to an API endpoint and potentially expose sensitive user information. The vulnerable API endpoint is not specified. The vulnerable parameters or variables are not specified. **Recommendations** Update Medtronic CareLink Network to a version released on or after December 4, 2025.