CVEs and Security Vulnerabilities CVEs and Security Vulnerabilities - OpenCVE

ReportizFlow

Filtered by vendor Medtronic Subscriptions

Filtered by product Mycarelink Monitor 24952 Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-4386	1 Medtronic	2 Mycarelink Monitor 24950, Mycarelink Monitor 24952	2026-05-07	6.8 Medium
Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal.
CVE-2025-4397	1 Medtronic	2 Mycarelink Monitor 24950, Mycarelink Monitor 24952	2026-05-07	6.8 Medium
Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data.
CVE-2019-6540	1 Medtronic	46 Amplia Crt-d, Amplia Crt-d Firmware, Carelink 2090 and 43 more	2025-05-22	6.5 Medium
The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement encryption. An attacker with adjacent short-range access to a target product can listen to communications, including the transmission of sensitive data.

Page 1 of 1.