VYPR
Vendor

SOOIL Developments Co Ltd

Products
2
CVEs
9
Across products
18
Status
Private

Products

2

Recent CVEs

9
  • CVE-2020-27264HigJan 19, 2021
    risk 0.57cvss 8.8epss 0.01

    In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications use deterministic keys, which allows unauthenticated, physically proximate attackers to brute-force the keys…

  • CVE-2020-27256MedJan 19, 2021
    risk 0.44cvss 6.8epss 0.00

    In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN in the physician menu of the insulin pump allows attackers with physical access to change insulin therapy settings.

  • CVE-2020-27268MedJan 19, 2021
    risk 0.42cvss 6.5epss 0.01

    In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass checks for default PINs via Bluetooth Low Energy.

  • CVE-2020-27266MedJan 19, 2021
    risk 0.42cvss 6.5epss 0.01

    In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass user authentication checks via Bluetooth Low Energy.

  • CVE-2020-27258MedJan 19, 2021
    risk 0.42cvss 6.5epss 0.01

    In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, an information disclosure vulnerability in the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows unauthenticated attackers to extract the pump’s keypad…

  • CVE-2020-27269MedJan 19, 2021
    risk 0.37cvss 5.7epss 0.01

    In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications lacks replay protection measures, which allows unauthenticated, physically proximate attackers to replay…

  • CVE-2020-27276MedJan 19, 2021
    risk 0.37cvss 5.7epss 0.01

    SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i & AnyDana-A mobile apps doesn't use adequate measures to authenticate the communicating entities before exchanging keys, which allows unauthenticated,…

  • CVE-2020-27272MedJan 19, 2021
    risk 0.37cvss 5.7epss 0.00

    SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A, The communication protocol of the insulin pump and AnyDana-i,AnyDana-A mobile apps doesn't use adequate measures to authenticate the pump before exchanging keys, which allows unauthenticated, physically proximate…

  • CVE-2020-27270MedJan 19, 2021
    risk 0.37cvss 5.7epss 0.00

    SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communication protocol of the insulin pump & AnyDana-i,AnyDana-A mobile apps doesnt use adequate measures to protect encryption keys in transit which allows unauthenticated physically proximate attacker to sniff keys…