PT-2018-5445 · Abbott Laboratories · Anthem+1

Published

2018-04-25

Updated

2019-10-09

CVE-2017-12716

CVSS v3.1

6.5

Medium

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Abbott Laboratories Accent and Anthem pacemakers versions prior to Aug 28, 2017

Description: The issue concerns the transmission of unencrypted patient information via RF communications to programmers and home monitoring units, as well as the storage of optional patient information without encryption.

Recommendations: For Accent and Anthem pacemakers manufactured prior to Aug 28, 2017, apply the firmware update developed by Abbott to help mitigate the identified issue.

Fix

Cleartext Transmission of Sensitive Information

Missing Encryption of Sensitive Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319CWE-311

Related Identifiers

CVE-2017-12716

Affected Products

Accent

Anthem

PT-2018-5445 · Abbott Laboratories · Anthem+1

CVE-2017-12716

Weakness Enumeration

Related Identifiers

Affected Products

References · 4