mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
840 B
840 B
CVE-2018-18975
Description
An issue was discovered in the Ascensia Contour NEXT ONE app for iOS before 2019-01-15. An attacker may proxy communications between the app and Ascensia backend servers because of a weak certificate-pinning implementation, leading to disclosure of medical information.
POC
Reference
- https://depthsecurity.com/blog/medical-exploitation-you-are-now-diabetic
- https://depthsecurity.com/blog/medical-exploitation-you-are-now-diabetic
Github
No PoCs found on GitHub currently.