VYPR

Encore Programmers

by Medtronic

CVEs (4)

  • CVE-2018-10596HigJul 3, 2018
    risk 0.46cvss 7.1epss 0.01

    Medtronic 2090 CareLink Programmer uses a virtual private network connection to securely download updates. It does not verify it is still connected to this virtual private network before downloading updates. The affected products initially establish an encapsulated IP-based…

  • CVE-2018-5446MedMay 4, 2018
    risk 0.32cvss 4.9epss 0.00

    Medtronic 2090 CareLink Programmer uses a per-product username and password that is stored in a recoverable format.

  • CVE-2018-5448MedMay 4, 2018
    risk 0.31cvss 4.8epss 0.01

    Medtronic 2090 CareLink Programmer’s software deployment network contains a directory traversal vulnerability that could allow an attacker to read files on the system.

  • CVE-2018-18984Dec 14, 2018
    risk 0.00cvss epss 0.00

    Medtronic CareLink and Encore Programmers do not encrypt or do not sufficiently encrypt sensitive PII and PHI information while at rest .