Unrated severityNVD Advisory· Published Jun 28, 2019· Updated May 22, 2025
Medtronic MiniMed 508 and Paradigm Series Insulin Pumps Improper Access Control
CVE-2019-10964
Description
Medtronic MiniMed Insulin Pumps
are designed to communicate using a wireless RF with other devices, such as blood glucose meters, glucose sensor transmitters, and CareLink USB devices. This wireless RF communication protocol does not properly implement authentication or authorization. An attacker with adjacent access to one of the affected insulin pump models can inject, replay, modify, and/or intercept data. This vulnerability could also allow attackers to change pump settings and control insulin delivery.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12- Medtronic/MiniMed 508 pumpv5Range: All versions
- Medtronic/MiniMed Paradigm 511 pumpv5Range: All versions
- Medtronic/MiniMed Paradigm 512/712 pumpsv5Range: All versions
- Medtronic/MiniMed Paradigm 515/715 pumpsv5Range: All versions
- Medtronic/MiniMed Paradigm 522/722 pumpsv5Range: All versions
- Medtronic/MiniMed Paradigm 522K/722K pumpsv5Range: All versions
- Medtronic/MiniMed Paradigm 523/723 pumpsv5Range: 0
- Medtronic/MiniMed Paradigm 523K/723K pumpsv5Range: 0
- Medtronic/MiniMed Paradigm 712E pumpv5Range: All versions
- Medtronic/MiniMed Paradigm Veo 554/754 pumpsv5Range: 0
- Medtronic/MiniMed Paradigm Veo 554CM/754CM pumpsv5Range: 0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.