HIGHπŸ‡΅πŸ‡± Wersja polska

CVE-2017-12712

CVSS 8.8v3.0pub. 2018-04-25upd. 2024-11-21

The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF communications. CVSS v3 base score: 7.5, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. Abbott has developed a firmware update to help mitigate the identified vulnerabilities.

CVSS Vector
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Abbott Accent

    HW
    Abbott
    wszystkie wersje
  • Abbott Accent Firmware

    OS
    Abbott
    < f0b.0e.7e
  • Abbott Accent Mri

    HW
    Abbott
    wszystkie wersje
  • Abbott Accent Mri Firmware

    OS
    Abbott
    < f10.08.6c
  • Abbott Accent St

    HW
    Abbott
    wszystkie wersje
  • Abbott Accent St Firmware

    OS
    Abbott
    < f10.08.6c
  • Abbott Allure

    HW
    Abbott
    wszystkie wersje
  • Abbott Allure Firmware

    OS
    Abbott
    < f14.07.80
  • Abbott Anthem

    HW
    Abbott
    wszystkie wersje
  • Abbott Anthem Firmware

    OS
    Abbott
    < f0b.0e.7e
  • Abbott Assurity

    HW
    Abbott
    wszystkie wersje
  • Abbott Assurity Firmware

    OS
    Abbott
    < f14.07.80
  • Abbott Assurity Mri

    HW
    Abbott
    wszystkie wersje
  • Abbott Assurity Mri Firmware

    OS
    Abbott
    < f17.01.49
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2017-12714MEDIUM6.5ten sam produkt

Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do not restrict or limit the number of corre...

CVE-2017-12716MEDIUM6.5ten sam produkt

Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit unencrypted patie...

CVE-2020-8997HIGH8.8ten sam vendor

Older generation Abbott FreeStyle Libre sensors allow remote attackers within close proximity to enable write ...

CVE-2017-5149HIGH8.9ten sam vendor

An issue was discovered in St. Jude Medical Merlin@home, versions prior to Version 8.2.2 (RF models: EX1150; I...

CVE-2023-47262MEDIUM5.2ten sam vendor

The startup process and device configurations of the Abbott ID NOW device, before v7.1, can be interrupted and...

CVE-2017-12712 β€” Abbott β€” Accent β€” HIGH β€” CVSS 8.8 | CVEbaza.pl