BIOTRONIK CardioMessenger II, The affected products allow credential reuse for multiple authentication purposes. An attacker with adjacent access to the CardioMessenger can disclose its credentials used for connecting to the BIOTRONIK Remote Communication infrastructure.
References
Link | Resource |
---|---|
https://www.us-cert.gov/ics/advisories/icsma-20-170-05 | Third Party Advisory US Government Resource |
https://www.us-cert.gov/ics/advisories/icsma-20-170-05 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
History
21 Nov 2024, 04:32
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.us-cert.gov/ics/advisories/icsma-20-170-05 - Third Party Advisory, US Government Resource |
Information
Published : 2020-06-29 14:15
Updated : 2024-11-21 04:32
NVD link : CVE-2019-18252
Mitre link : CVE-2019-18252
CVE.ORG link : CVE-2019-18252
JSON object : View
Products Affected
biotronik
- cardiomessenger_ii-s_gsm_firmware
- cardiomessenger_ii-s_t-line
- cardiomessenger_ii-s_gsm
- cardiomessenger_ii-s_t-line_firmware
CWE
CWE-287
Improper Authentication