VYPR

MiniMed MMT

by Medtronic

CVEs (2)

  • CVE-2018-14781MedAug 13, 2018
    risk 0.35cvss 5.3epss 0.01

    Medtronic MiniMed MMT devices when paired with a remote controller and having the “easy bolus” and “remote bolus” options enabled (non-default), are vulnerable to a capture-replay attack. An attacker can capture the wireless transmissions between the remote controller…

  • CVE-2018-10634MedAug 13, 2018
    risk 0.31cvss 4.8epss 0.00

    Communications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.