PT-2018-5443 · Abbott Laboratories · Pacemaker
Published
2018-04-25
·
Updated
2019-10-09
·
CVE-2017-12712
CVSS v3.1
8.8
High
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Abbott Laboratories pacemakers versions prior to Aug 28, 2017
Description:
The authentication algorithm in the pacemakers can be compromised or bypassed, allowing a nearby attacker to issue unauthorized commands via RF communications. This involves an authentication key and time stamp.
Recommendations:
For pacemakers manufactured prior to Aug 28, 2017, apply the firmware update developed by Abbott to help mitigate the identified issue.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pacemaker