Unrated severityNVD Advisory· Published Apr 25, 2018· Updated Sep 17, 2024

CVE-2017-12712

Description

The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF communications. CVSS v3 base score: 7.5, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. Abbott has developed a firmware update to help mitigate the identified vulnerabilities.

Affected products

Abbott Laboratories/Accent/anthem, Accent Mri, Assurity/allure, And Assurity Mri.v5
Range: All versions of pacemakers manufactured prior to August 28, 2017

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/100523mitrevdb-entryx_refsource_BID
ics-cert.us-cert.gov/advisories/ICSMA-17-241-01mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000