VYPR
Unrated severityNVD Advisory· Published Jun 28, 2019· Updated May 22, 2025

Medtronic MiniMed 508 and Paradigm Series Insulin Pumps Improper Access Control

CVE-2019-10964

Description

Medtronic MiniMed Insulin Pumps

are designed to communicate using a wireless RF with other devices, such as blood glucose meters, glucose sensor transmitters, and CareLink USB devices. This wireless RF communication protocol does not properly implement authentication or authorization. An attacker with adjacent access to one of the affected insulin pump models can inject, replay, modify, and/or intercept data. This vulnerability could also allow attackers to change pump settings and control insulin delivery.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12
  • Medtronic/MiniMed 508 pumpv5
    Range: All versions
  • Medtronic/MiniMed Paradigm 511 pumpv5
    Range: All versions
  • Medtronic/MiniMed Paradigm 512/712 pumpsv5
    Range: All versions
  • Medtronic/MiniMed Paradigm 515/715 pumpsv5
    Range: All versions
  • Medtronic/MiniMed Paradigm 522/722 pumpsv5
    Range: All versions
  • Medtronic/MiniMed Paradigm 522K/722K pumpsv5
    Range: All versions
  • Medtronic/MiniMed Paradigm 523/723 pumpsv5
    Range: 0
  • Medtronic/MiniMed Paradigm 523K/723K pumpsv5
    Range: 0
  • Medtronic/MiniMed Paradigm 712E pumpv5
    Range: All versions
  • Medtronic/MiniMed Paradigm Veo 554/754 pumpsv5
    Range: 0
  • Medtronic/MiniMed Paradigm Veo 554CM/754CM pumpsv5
    Range: 0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.