An issue was discovered in St. Jude Medical Merlin@home, versions prior to Version 8.2.2 (RF models: EX1150; Inductive models: EX1100; and Inductive models: EX1100 with MerlinOnDemand capability). The identities of the endpoints for the communication channel between the transmitter and St. Jude Medical's web site, Merlin.net, are not verified. This may allow a man-in-the-middle attacker to access or influence communications between the identified endpoints.
oryginał ENCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:HAbbott Merlin\@home Ex1100
HWAbbottwszystkie wersjeAbbott Merlin\@home Ex1150
HWAbbottwszystkie wersjeAbbott Merlin\@home Firmware
OSAbbott≤ 8.0
Powiązane podatności
Older generation Abbott FreeStyle Libre sensors allow remote attackers within close proximity to enable write ...
The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which invol...
The startup process and device configurations of the Abbott ID NOW device, before v7.1, can be interrupted and...
Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do not restrict or limit the number of corre...
Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit unencrypted patie...