High severity7.5NVD Advisory· Published Oct 5, 2016· Updated May 6, 2026

CVE-2016-5085

Description

Johnson & Johnson Animas OneTouch Ping devices do not properly generate random numbers, which makes it easier for remote attackers to spoof meters by sniffing the network and then engaging in an authentication handshake.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/884840nvdThird Party AdvisoryUS Government Resource
www.kb.cert.org/vuls/id/BLUU-A9SQRSnvdThird Party AdvisoryUS Government Resource
community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pumpnvdMitigationTechnical DescriptionThird Party Advisory
www.securityfocus.com/bid/93351nvd
ics-cert.us-cert.gov/advisories/ICSMA-16-279-01nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000