Unrated severityNVD Advisory· Published Dec 4, 2025· Updated Dec 9, 2025
CVE-2025-12997
CVE-2025-12997
Description
Insecure Direct Object Reference vulnerability in Medtronic CareLink Network which allows an authenticated attacker with access to specific device and user information to submit web requests to an API endpoint that would expose sensitive user information. This issue affects CareLink Network: before December 4, 2025.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2< December 4, 2025+ 1 more
- (no CPE)range: < December 4, 2025
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.