PT-2025-49126 · Medtronic · Medtronic Carelink Network
Published
2025-12-04
·
Updated
2025-12-22
·
CVE-2025-12996
CVSS v3.1
4.1
Medium
| Vector | AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Medtronic CareLink Network versions prior to December 4, 2025
Description
A local attacker gaining access to log files on an internal API server can view passwords in plaintext due to errors logged under specific conditions.
Recommendations
Update to a version of Medtronic CareLink Network released on or after December 4, 2025.
Fix
Insertion into Log File
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Medtronic Carelink Network