admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-05-22 20:00:38 +00:00
parent 032cd59c3e
commit 7111a668a9
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
22 changed files with 1734 additions and 288 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
2003/5xxx/CVE-2003-5004.json
View File

@ -1,17 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2003-5004",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

100
2019/13xxx/CVE-2019-13539.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-13539",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use the descrypt algorithm for OS password hashing. While interactive, network-based logons are disabled, and attackers can use the other vulnerabilities within this report to obtain local shell access and access these hashes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-328",
"cweId": "CWE-328"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,9 @@
"version": {
"version_data": [
{
"version_value": "version 3.4 and below"
"version_affected": "<=",
"version_name": "0",
"version_value": "3.4"
}
]
}
@ -29,7 +52,9 @@
"version": {
"version_data": [
{
"version_value": "software version 4.0.0 and below"
"version_affected": "<=",
"version_name": "0",
"version_value": "software version 4.0.0"
}
]
}
@ -39,7 +64,9 @@
"version": {
"version_data": [
{
"version_value": "software version 1.1.0 and below"
"version_affected": "<=",
"version_name": "0",
"version_value": "software version 1.1.0"
}
]
}
@ -50,32 +77,61 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "REVERSIBLE ONE-WAY HASH CWE-328"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-19-311-02",
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02",
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02"
"name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-19-311-02"
},
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/valleylab-generator-rfid-vulnerabilities.html",
"refsource": "MISC",
"name": "https://global.medtronic.com/xg-en/product-security/security-bulletins/valleylab-generator-rfid-vulnerabilities.html"
}
]
},
"description": {
"description_data": [
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSMA-19-311-02",
"discovery": "INTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>Software patches are currently available for the FT10 platform and will be available in early 2020 for the FX8 platform. Until these updates can be applied, Medtronic recommends to either disconnect affected products from IP networks or to segregate those networks, such that the devices are not accessible from an untrusted network (e.g., Internet). Patches can be downloaded at the following location:</p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/covidien/en-us/support/software.html\">https://www.medtronic.com/covidien/en-us/support/software.html</a></p><p>Medtronic has released additional patient focused information, at the following location:</p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\">https://www.medtronic.com/security</a></p>"
}
],
"value": "Software patches are currently available for the FT10 platform and will be available in early 2020 for the FX8 platform. Until these updates can be applied, Medtronic recommends to either disconnect affected products from IP networks or to segregate those networks, such that the devices are not accessible from an untrusted network (e.g., Internet). Patches can be downloaded at the following location:\n\n https://www.medtronic.com/covidien/en-us/support/software.html \n\nMedtronic has released additional patient focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"credits": [
{
"lang": "en",
"value": "Medtronic reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use the descrypt algorithm for OS password hashing. While interactive, network-based logons are disabled, and attackers can use the other vulnerabilities within this report to obtain local shell access and access these hashes."
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

100
2019/13xxx/CVE-2019-13543.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-13543",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use multiple sets of hard-coded credentials. If discovered, they can be used to read files on the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798 Use of Hard-coded Credentials",
"cweId": "CWE-798"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,9 @@
"version": {
"version_data": [
{
"version_value": "version 3.4 and below"
"version_affected": "<=",
"version_name": "0",
"version_value": "3.4"
}
]
}
@ -29,7 +52,9 @@
"version": {
"version_data": [
{
"version_value": "software version 4.0.0 and below"
"version_affected": "<=",
"version_name": "0",
"version_value": "software version 4.0.0"
}
]
}
@ -39,7 +64,9 @@
"version": {
"version_data": [
{
"version_value": "software version 1.1.0 and below"
"version_affected": "<=",
"version_name": "0",
"version_value": "software version 1.1.0"
}
]
}
@ -50,32 +77,61 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "USE OF HARD-CODED CREDENTIALS CWE-798"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-19-311-02",
"refsource": "MISC",
"name": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02",
"url": "https://www.us-cert.gov/ics/advisories/icsma-19-311-02"
"name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-19-311-02"
},
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/valleylab-generator-rfid-vulnerabilities.html",
"refsource": "MISC",
"name": "https://global.medtronic.com/xg-en/product-security/security-bulletins/valleylab-generator-rfid-vulnerabilities.html"
}
]
},
"description": {
"description_data": [
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSMA-19-311-02",
"discovery": "INTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>Software patches are currently available for the FT10 platform and will be available in early 2020 for the FX8 platform. Until these updates can be applied, Medtronic recommends to either disconnect affected products from IP networks or to segregate those networks, such that the devices are not accessible from an untrusted network (e.g., Internet). Patches can be downloaded at the following location:</p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/covidien/en-us/support/software.html\">https://www.medtronic.com/covidien/en-us/support/software.html</a></p><p>Medtronic has released additional patient focused information, at the following location:</p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\">https://www.medtronic.com/security</a></p>"
}
],
"value": "Software patches are currently available for the FT10 platform and will be available in early 2020 for the FX8 platform. Until these updates can be applied, Medtronic recommends to either disconnect affected products from IP networks or to segregate those networks, such that the devices are not accessible from an untrusted network (e.g., Internet). Patches can be downloaded at the following location:\n\n https://www.medtronic.com/covidien/en-us/support/software.html \n\nMedtronic has released additional patient focused information, at the following location:\n\n https://www.medtronic.com/security"
}
],
"credits": [
{
"lang": "en",
"value": "Medtronic reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use multiple sets of hard-coded credentials. If discovered, they can be used to read files on the device."
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
]
}

383
2019/6xxx/CVE-2019-6538.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-6538",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement authentication or authorization. An attacker with adjacent short-range access to an affected product, in situations where the product\u2019s radio is turned on, can inject, replay, modify, and/or intercept data within the telemetry communication. This communication protocol provides the ability to read and write memory values to affected implanted cardiac devices; therefore, an attacker could exploit this communication protocol to change memory in the implanted cardiac device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -15,68 +36,269 @@
"product": {
"product_data": [
{
"product_name": "Medtronic Conexus Radio Frequency Telemetry Protocol",
"product_name": "Conexus Radio Frequency Telemetry Protocol",
"version": {
"version_data": [
{
"version_value": "MyCareLink Monitor versions 24950 and 24952"
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "MyCareLink Monitor",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "24950"
},
{
"version_value": "CareLink Monitor version 2490C"
},
"version_affected": "=",
"version_value": "24952"
}
]
}
},
{
"product_name": "CareLink Monitor",
"version": {
"version_data": [
{
"version_value": "CareLink 2090 Programmer"
},
"version_affected": "=",
"version_value": "2490C"
}
]
}
},
{
"product_name": "CareLink 2090 Programmer",
"version": {
"version_data": [
{
"version_value": "Amplia CRT-D"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Amplia CRT-D",
"version": {
"version_data": [
{
"version_value": "Claria CRT-D"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Claria CRT-D",
"version": {
"version_data": [
{
"version_value": "Compia CRT-D"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Compia CRT-D",
"version": {
"version_data": [
{
"version_value": "Concerto CRT-D"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Concerto CRT-D",
"version": {
"version_data": [
{
"version_value": "Concerto II CRT-D"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Concerto II CRT-D",
"version": {
"version_data": [
{
"version_value": "Consulta CRT-D"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Consulta CRT-D",
"version": {
"version_data": [
{
"version_value": "Evera ICD"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Evera ICD",
"version": {
"version_data": [
{
"version_value": "Maximo II CRT-D and ICD"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Maximo II CRT-D",
"version": {
"version_data": [
{
"version_value": "Mirro ICD"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Maximo II ICD",
"version": {
"version_data": [
{
"version_value": "Nayamed ND ICD"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Mirro ICD",
"version": {
"version_data": [
{
"version_value": "Primo ICD"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Nayamed ND ICD",
"version": {
"version_data": [
{
"version_value": "Protecta ICD and CRT-D"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Primo ICD",
"version": {
"version_data": [
{
"version_value": "Secura ICD"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Protecta ICD, Protecta CRT-D",
"version": {
"version_data": [
{
"version_value": "Virtuoso ICD"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Secura ICD",
"version": {
"version_data": [
{
"version_value": "Virtuoso II ICD"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Virtuoso ICD",
"version": {
"version_data": [
{
"version_value": "Visia AF ICD"
},
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Virtuoso II ICD",
"version": {
"version_data": [
{
"version_value": "Viva CRT-D"
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Visia AF ICD",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Viva CRT-D",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Brava CRT-D",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Mirro MRI ICD",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -87,37 +309,74 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper access control CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "107544",
"url": "http://www.securityfocus.com/bid/107544"
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01",
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
},
{
"refsource": "CONFIRM",
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
"url": "http://www.securityfocus.com/bid/107544",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107544"
}
]
},
"description": {
"description_data": [
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSMA-19-080-01",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>Medtronic has applied additional controls for monitoring and responding to improper use of the Conexus telemetry protocol by the affected implanted cardiac devices. Additional mitigations are being developed and will be deployed through future updates, assuming regulatory approval.</p><p>Medtronic recommends that users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:</p><ul><li>Maintain good physical control over home monitors and programmers.</li><li>Use only home monitors, programmers, and implantable devices obtained directly from your healthcare provider or a Medtronic representative to ensure integrity of the system.</li><li>Do not connect unapproved devices to home monitors and programmers through USB ports or other physical connections.</li><li>Only use programmers to connect and interact with implanted devices in physically controlled hospital and clinical environments.</li><li>Only use home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.</li><li>Report any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.</li></ul><p>Medtronic has released additional <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\">patient focused information</a>.</p>\n\n<br>"
}
],
"value": "Medtronic has applied additional controls for monitoring and responding to improper use of the Conexus telemetry protocol by the affected implanted cardiac devices. Additional mitigations are being developed and will be deployed through future updates, assuming regulatory approval.\n\nMedtronic recommends that users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Maintain good physical control over home monitors and programmers.\n * Use only home monitors, programmers, and implantable devices obtained directly from your healthcare provider or a Medtronic representative to ensure integrity of the system.\n * Do not connect unapproved devices to home monitors and programmers through USB ports or other physical connections.\n * Only use programmers to connect and interact with implanted devices in physically controlled hospital and clinical environments.\n * Only use home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\n * Report any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.\n\n\nMedtronic has released additional patient focused information https://www.medtronic.com/security ."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>Medtronic has developed mitigating patches for a subset of the \naffected implanted cardiac device models. These patches are installed \nduring regular office visits. Medtronic has stated that patches for \nadditional impacted models are being developed by Medtronic and will be \ndeployed through future updates. Patches are currently available for the\n following affected models:<br></p><ul><li>Protecta CRT-D and implantable cardioverter defibrillators (ICDs), all models</li></ul><ul><li>Amplia MRI CRT-D, all models (patch available in U.S. only)</li><li>Claria MRI CRT-D, all models (patch available in U.S. only)</li><li>Compia MRI CRT-D, all models (patch available in U.S. only)</li><li>Visia AF MRI ICD, all models</li><li>Visia AF ICD, all models </li><li>Brava CRT-D, all models &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;</li><li>Evera MRI ICD, all models</li><li>Evera ICD, all models</li><li>Mirro MRI ICD, all models</li><li>Primo MRI ICD, all models</li><li>Viva CRT-D, all models</li></ul>\n\n<br>"
}
],
"value": "Medtronic has developed mitigating patches for a subset of the \naffected implanted cardiac device models. These patches are installed \nduring regular office visits. Medtronic has stated that patches for \nadditional impacted models are being developed by Medtronic and will be \ndeployed through future updates. Patches are currently available for the\n following affected models:\n\n\n * Protecta CRT-D and implantable cardioverter defibrillators (ICDs), all models\n\n\n * Amplia MRI CRT-D, all models (patch available in U.S. only)\n * Claria MRI CRT-D, all models (patch available in U.S. only)\n * Compia MRI CRT-D, all models (patch available in U.S. only)\n * Visia AF MRI ICD, all models\n * Visia AF ICD, all models \n * Brava CRT-D, all models \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\n * Evera MRI ICD, all models\n * Evera ICD, all models\n * Mirro MRI ICD, all models\n * Primo MRI ICD, all models\n * Viva CRT-D, all models"
}
],
"credits": [
{
"lang": "en",
"value": "Peter Morgan of Clever Security; Dave Singel\u00e9e and Bart Preneel of KU Leuven; Eduard Marin formerly of KU Leuven, currently with University of Birmingham; Flavio D. Garcia; Tom Chothia of the University of Birmingham; and Rik Willems of University Hospital Gasthuisberg Leuven reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement authentication or authorization. An attacker with adjacent short-range access to an affected product, in situations where the product\u2019s radio is turned on, can inject, replay, modify, and/or intercept data within the telemetry communication. This communication protocol provides the ability to read and write memory values to affected implanted cardiac devices; therefore, an attacker could exploit this communication protocol to change memory in the implanted cardiac device."
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
}
]
}

187
2019/6xxx/CVE-2019-6540.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-6540",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement encryption. An attacker with adjacent short-range access to a target product can listen to communications, including the transmission of sensitive data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-319 Cleartext Transmission of Sensitive Information",
"cweId": "CWE-319"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,7 +40,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -29,9 +51,11 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "24950"
},
{
"version_affected": "=",
"version_value": "24952"
}
]
@ -42,6 +66,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2490C"
}
]
@ -52,7 +77,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -62,7 +88,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -72,7 +99,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -82,7 +110,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -92,7 +121,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -102,7 +132,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -112,7 +143,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -122,7 +154,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -132,7 +165,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -142,7 +176,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -152,7 +187,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -162,7 +198,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -172,7 +209,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -182,7 +220,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -192,7 +231,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -202,7 +242,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -212,7 +253,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -222,7 +264,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -232,7 +275,30 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Brava CRT-D",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Mirro MRI ICD",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -243,37 +309,74 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cleartext transmission of sensitive information CWE-319"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01",
"refsource": "MISC",
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"
},
{
"refsource": "BID",
"name": "107544",
"url": "http://www.securityfocus.com/bid/107544"
"url": "http://www.securityfocus.com/bid/107544",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/107544"
}
]
},
"description": {
"description_data": [
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSMA-19-080-01",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>Medtronic has applied additional controls for monitoring and responding to improper use of the Conexus telemetry protocol by the affected implanted cardiac devices. Additional mitigations are being developed and will be deployed through future updates, assuming regulatory approval.</p><p>Medtronic recommends that users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:</p><ul><li>Maintain good physical control over home monitors and programmers.</li><li>Use only home monitors, programmers, and implantable devices obtained directly from your healthcare provider or a Medtronic representative to ensure integrity of the system.</li><li>Do not connect unapproved devices to home monitors and programmers through USB ports or other physical connections.</li><li>Only use programmers to connect and interact with implanted devices in physically controlled hospital and clinical environments.</li><li>Only use home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.</li><li>Report any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.</li></ul><p>Medtronic has released additional <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\">patient focused information</a>.</p>\n\n<br>"
}
],
"value": "Medtronic has applied additional controls for monitoring and responding to improper use of the Conexus telemetry protocol by the affected implanted cardiac devices. Additional mitigations are being developed and will be deployed through future updates, assuming regulatory approval.\n\nMedtronic recommends that users take additional defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n\n * Maintain good physical control over home monitors and programmers.\n * Use only home monitors, programmers, and implantable devices obtained directly from your healthcare provider or a Medtronic representative to ensure integrity of the system.\n * Do not connect unapproved devices to home monitors and programmers through USB ports or other physical connections.\n * Only use programmers to connect and interact with implanted devices in physically controlled hospital and clinical environments.\n * Only use home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\n * Report any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.\n\n\nMedtronic has released additional patient focused information https://www.medtronic.com/security ."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>Medtronic has developed mitigating patches for a subset of the \naffected implanted cardiac device models. These patches are installed \nduring regular office visits. Medtronic has stated that patches for \nadditional impacted models are being developed by Medtronic and will be \ndeployed through future updates. Patches are currently available for the\n following affected models:<br></p><ul><li>Protecta CRT-D and implantable cardioverter defibrillators (ICDs), all models</li></ul><ul><li>Amplia MRI CRT-D, all models (patch available in U.S. only)</li><li>Claria MRI CRT-D, all models (patch available in U.S. only)</li><li>Compia MRI CRT-D, all models (patch available in U.S. only)</li><li>Visia AF MRI ICD, all models</li><li>Visia AF ICD, all models </li><li>Brava CRT-D, all models &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;</li><li>Evera MRI ICD, all models</li><li>Evera ICD, all models</li><li>Mirro MRI ICD, all models</li><li>Primo MRI ICD, all models</li><li>Viva CRT-D, all models</li></ul>\n\n<br>"
}
],
"value": "Medtronic has developed mitigating patches for a subset of the \naffected implanted cardiac device models. These patches are installed \nduring regular office visits. Medtronic has stated that patches for \nadditional impacted models are being developed by Medtronic and will be \ndeployed through future updates. Patches are currently available for the\n following affected models:\n\n\n * Protecta CRT-D and implantable cardioverter defibrillators (ICDs), all models\n\n\n * Amplia MRI CRT-D, all models (patch available in U.S. only)\n * Claria MRI CRT-D, all models (patch available in U.S. only)\n * Compia MRI CRT-D, all models (patch available in U.S. only)\n * Visia AF MRI ICD, all models\n * Visia AF ICD, all models \n * Brava CRT-D, all models \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0\n * Evera MRI ICD, all models\n * Evera ICD, all models\n * Mirro MRI ICD, all models\n * Primo MRI ICD, all models\n * Viva CRT-D, all models"
}
],
"credits": [
{
"lang": "en",
"value": "Peter Morgan of Clever Security; Dave Singel\u00e9e and Bart Preneel of KU Leuven; Eduard Marin formerly of KU Leuven, currently with University of Birmingham; Flavio D. Garcia; Tom Chothia of the University of Birmingham; and Rik Willems of University Hospital Gasthuisberg Leuven reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement encryption. An attacker with adjacent short-range access to a target product can listen to communications, including the transmission of sensitive data."
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

112
2020/25xxx/CVE-2020-25183.json
View File

@ -1,25 +1,47 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25183",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic MyCareLink Smart 25000 contains \n\nan authentication protocol vulnerability where the method used to authenticate between the MCL Smart Patient Reader and the Medtronic MyCareLink Smart mobile app is vulnerable to bypass. This vulnerability enables an attacker to use another mobile device or malicious application on the patient\u2019s smartphone to authenticate to the patient\u2019s Medtronic Smart Reader, fooling the device into believing it is communicating with the original Medtronic smart phone application when executed within range of Bluetooth communication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287 Improper Authentication",
"cweId": "CWE-287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic MyCareLink Smart 25000 Reader",
"product_name": "Smart Model 25000 Patient Reader",
"version": {
"version_data": [
{
"version_value": "Smart 25000 all versions"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -30,32 +52,78 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER AUTHENTICATION CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-smart-security-vulnerability-patch.html",
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01"
"name": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-smart-security-vulnerability-patch.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-345-01",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-345-01"
}
]
},
"description": {
"description_data": [
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSMA-20-345-01",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>In response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:</p><ul><li>Medtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.</li><li>Medtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.</li></ul><p>Medtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:</p><ul><li>Maintain good physical control over home monitors.<ul><li>This includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.</li></ul></li><li>Use only home monitors obtained directly from your healthcare provider or a Medtronic representative.</li><li>Patients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.</li></ul><p>Report any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.</p>\n\n<br>"
}
],
"value": "In response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:\n\n * Medtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.\n * Medtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.\n\n\nMedtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:\n\n * Maintain good physical control over home monitors. * This includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\n\n\n\n * Use only home monitors obtained directly from your healthcare provider or a Medtronic representative.\n * Patients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.\n\n\nReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>A firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.</p><p>Medtronic has released additional <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\">patient focused information</a>: </p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/xg-en/product-security/security-bulletins.html\">https://www.medtronic.com/xg-en/product-security/security-bulletins.html </a></p>\n\n<br>"
}
],
"value": "A firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.\n\nMedtronic has released additional patient focused information https://www.medtronic.com/security : \n\n https://www.medtronic.com/xg-en/product-security/security-bulletins.html https://www.medtronic.com/xg-en/product-security/security-bulletins.html"
}
],
"credits": [
{
"lang": "en",
"value": "Sternum, based in Tel Aviv, Israel, discovered and initially reported these vulnerabilities to Medtronic."
},
{
"lang": "en",
"value": "Eric Gustafson, Sara Rampazzi, Paul Grosen, Christopher Kruegel, and Giovanni Vigna from the University of California Santa Barbara, University of Florida, and University of Michigan"
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the method used to auth between MCL Smart Patient Reader and MyCareLink Smart mobile app is vulnerable to bypass. This vuln allows attacker to use other mobile device or malicious app on smartphone to auth to the patient\u2019s Smart Reader, fools the device into thinking its communicating with the actual smart phone application when executed in range of Bluetooth."
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

108
2020/25xxx/CVE-2020-25187.json
View File

@ -1,25 +1,47 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-25187",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic MyCareLink Smart 25000 is \n\n\u00a0vulnerable when an authenticated attacker runs a debug command, which can be sent to the patient reader and cause a heap overflow event within the MCL Smart Patient Reader software stack. The heap overflow could allow an attacker to remotely execute code on the MCL Smart Patient Reader, potentially leading to control of the device"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic MyCareLink Smart 25000 Reader",
"product_name": "Smart Model 25000 Patient Reader",
"version": {
"version_data": [
{
"version_value": "Smart 25000 all versions"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -30,32 +52,74 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "HEAP-BASED BUFFER OVERFLOW CWE-122"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-smart-security-vulnerability-patch.html",
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01"
"name": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-smart-security-vulnerability-patch.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-345-01",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-345-01"
}
]
},
"description": {
"description_data": [
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSMA-20-345-01",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>In response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:</p><ul><li>Medtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.</li><li>Medtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.</li></ul><p>Medtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:</p><ul><li>Maintain good physical control over home monitors.<ul><li>This includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.</li></ul></li><li>Use only home monitors obtained directly from your healthcare provider or a Medtronic representative.</li><li>Patients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.</li></ul><p>Report any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.</p>\n\n<br>"
}
],
"value": "In response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:\n\n * Medtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.\n * Medtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.\n\n\nMedtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:\n\n * Maintain good physical control over home monitors. * This includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\n\n\n\n * Use only home monitors obtained directly from your healthcare provider or a Medtronic representative.\n * Patients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.\n\n\nReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>A firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.</p><p>Medtronic has released additional <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\">patient focused information</a>: </p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/xg-en/product-security/security-bulletins.html\">https://www.medtronic.com/xg-en/product-security/security-bulletins.html </a></p>\n\n<br>"
}
],
"value": "A firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.\n\nMedtronic has released additional patient focused information https://www.medtronic.com/security : \n\n https://www.medtronic.com/xg-en/product-security/security-bulletins.html https://www.medtronic.com/xg-en/product-security/security-bulletins.html"
}
],
"credits": [
{
"lang": "en",
"value": "Sternum, based in Tel Aviv, Israel, discovered and initially reported these vulnerabilities to Medtronic."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "Medtronic MyCareLink Smart 25000 all versions are vulnerable when an attacker who gains auth runs a debug command, which is sent to the reader causing heap overflow in the MCL Smart Reader stack. A heap overflow allows attacker to remotely execute code on the MCL Smart Reader, could lead to control of device."
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

108
2020/27xxx/CVE-2020-27252.json
View File

@ -1,25 +1,47 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-27252",
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Medtronic MyCareLink Smart 25000 is \n\nvulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited, an attacker could remotely execute code on the MCL Smart Patient Reader device, leading to control of the device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"cweId": "CWE-367"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Medtronic",
"product": {
"product_data": [
{
"product_name": "Medtronic MyCareLink Smart 25000 Reader",
"product_name": "Smart Model 25000 Patient Reader",
"version": {
"version_data": [
{
"version_value": "Smart 25000 all versions"
"version_affected": "=",
"version_value": "All versions"
}
]
}
@ -30,32 +52,74 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "TIME-OF-CHECK TIME-OF-USE RACE CONDITION CWE-367"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-smart-security-vulnerability-patch.html",
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01",
"url": "https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01"
"name": "https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-smart-security-vulnerability-patch.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-345-01",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-345-01"
}
]
},
"description": {
"description_data": [
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "ICSMA-20-345-01",
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>In response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:</p><ul><li>Medtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.</li><li>Medtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.</li></ul><p>Medtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:</p><ul><li>Maintain good physical control over home monitors.<ul><li>This includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.</li></ul></li><li>Use only home monitors obtained directly from your healthcare provider or a Medtronic representative.</li><li>Patients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.</li></ul><p>Report any concerning behavior regarding these products to your healthcare provider or a Medtronic representative.</p>\n\n<br>"
}
],
"value": "In response to these vulnerabilities, Medtronic has applied additional controls for monitoring and responding to improper use of the MCL Smart Patient Reader:\n\n * Medtronic has implemented enhanced integrity validation (EIV) technology, which provides early detection and real-time mitigation of known vulnerability exploitation attempts.\n * Medtronic has also implemented advanced detection system technology, which enables device-level logging and monitoring of all device activity and behavior.\n\n\nMedtronic recommends that users take additional defensive measures to minimize risk. Specifically, users should:\n\n * Maintain good physical control over home monitors. * This includes only using home monitors in private environments such as a home, apartment, or otherwise physically controlled environment.\n\n\n\n * Use only home monitors obtained directly from your healthcare provider or a Medtronic representative.\n * Patients should ensure that the operating system of their mobile phone is updated to the latest version of the available Android or Apple iOS operating system.\n\n\nReport any concerning behavior regarding these products to your healthcare provider or a Medtronic representative."
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>A firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.</p><p>Medtronic has released additional <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/security\">patient focused information</a>: </p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.medtronic.com/xg-en/product-security/security-bulletins.html\">https://www.medtronic.com/xg-en/product-security/security-bulletins.html </a></p>\n\n<br>"
}
],
"value": "A firmware update to eliminates these vulnerabilities has been developed by Medtronic and is available by updating the MyCareLink Smartapp via the associated mobile application store. Upgrading to the latest v5.2 mobile application version will ensure the Patient Reader is also updated on next use. The user\u2019s smart phone must be updated to the following operating system version for the patches to be applied: iOS 10 and above; Android 6.0 and above.\n\nMedtronic has released additional patient focused information https://www.medtronic.com/security : \n\n https://www.medtronic.com/xg-en/product-security/security-bulletins.html https://www.medtronic.com/xg-en/product-security/security-bulletins.html"
}
],
"credits": [
{
"lang": "en",
"value": "Sternum, based in Tel Aviv, Israel, discovered and initially reported these vulnerabilities to Medtronic."
}
],
"impact": {
"cvss": [
{
"lang": "eng",
"value": "Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited an attacker could remotely execute code on the MCL Smart Patient Reader device, leading to control of the device."
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

21
2024/13xxx/CVE-2024-13858.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018invitee_name\u2019 parameter in all versions up to, and including, 2.8.50 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 2.8.41."
"value": "The BuddyBoss Platform plugin and BuddyBoss Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018invitee_name\u2019 parameter in all versions up to, and including, 2.8.50 and 2.8.41, respectively, due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in the BuddyBoss Platform plugin in version 2.8.41."
}
]
},
@ -36,7 +36,19 @@
"product": {
"product_data": [
{
"product_name": "Buddyboss Platform",
"product_name": "BuddyBoss Theme",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "2.8.41"
}
]
}
},
{
"product_name": "BuddyBoss Platform",
"version": {
"version_data": [
{
@ -69,6 +81,11 @@
"url": "https://www.buddyboss.com/resources/buddyboss-platform-releases/2-8-51/",
"refsource": "MISC",
"name": "https://www.buddyboss.com/resources/buddyboss-platform-releases/2-8-51/"
},
{
"url": "https://www.buddyboss.com/resources/buddyboss-theme-releases/2-8-50/",
"refsource": "MISC",
"name": "https://www.buddyboss.com/resources/buddyboss-theme-releases/2-8-50/"
}
]
},

61
2024/40xxx/CVE-2024-40458.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40458",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate privileges via the modification of TCP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/1E8dxLt2LnvmLcCEUyp6qtnG-yZjyvMji/view?usp=drive_link",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1E8dxLt2LnvmLcCEUyp6qtnG-yZjyvMji/view?usp=drive_link"
},
{
"refsource": "MISC",
"name": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md",
"url": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md"
}
]
}

61
2024/40xxx/CVE-2024-40459.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40459",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in Ocuco Innovation APPMANAGER.EXE v.2.10.24.51 allows a local attacker to escalate privileges via the application manager function"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/1J2PsjRc6u2q4Teo3eVnBVmTEFjOgaPzX/view?usp=drive_link",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1J2PsjRc6u2q4Teo3eVnBVmTEFjOgaPzX/view?usp=drive_link"
},
{
"refsource": "MISC",
"name": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md",
"url": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md"
}
]
}

61
2024/40xxx/CVE-2024-40460.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40460",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40460",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the JOBENTRY.EXE"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/10M4x2jL_l-kPSZOOE_tUmBzCTCr0tMiF/view?usp=drive_link",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/10M4x2jL_l-kPSZOOE_tUmBzCTCr0tMiF/view?usp=drive_link"
},
{
"refsource": "MISC",
"name": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md",
"url": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md"
}
]
}

61
2024/40xxx/CVE-2024-40461.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40461",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the STOCKORDERENTRY.EXE component"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/1DyiyLQRvTRAZD8gn2BT7oDzX1NQ7wmFT/view?usp=drive_link",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1DyiyLQRvTRAZD8gn2BT7oDzX1NQ7wmFT/view?usp=drive_link"
},
{
"refsource": "MISC",
"name": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md",
"url": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md"
}
]
}

61
2024/40xxx/CVE-2024-40462.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-40462",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-40462",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the SETTINGSVATIGATOR.EXE component"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/1MDU9FGo36U83yQy55nnVj1syWVy9WLm5/view?usp=drive_link",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1MDU9FGo36U83yQy55nnVj1syWVy9WLm5/view?usp=drive_link"
},
{
"refsource": "MISC",
"name": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md",
"url": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md"
}
]
}

61
2024/41xxx/CVE-2024-41195.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41195",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-41195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in Ocuco Innovation - INNOVASERVICEINTF.EXE v2.10.24.17 allows attackers to bypass authentication and escalate privileges to Administrator via a crafted TCP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/1U50ZsLo7VXWKQ1_6FxWy70F_75jzVUwi/view?usp=drive_link",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1U50ZsLo7VXWKQ1_6FxWy70F_75jzVUwi/view?usp=drive_link"
},
{
"refsource": "MISC",
"name": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md",
"url": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md"
}
]
}

66
2024/41xxx/CVE-2024-41196.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41196",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-41196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in Ocuco Innovation - REPORTSERVER.EXE v2.10.24.13 allows attackers to bypass authentication and escalate privileges to Administrator via a crafted TCP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://cwe.mitre.org/data/definitions/285.html",
"refsource": "MISC",
"name": "https://cwe.mitre.org/data/definitions/285.html"
},
{
"url": "https://drive.google.com/file/d/1UqJAQiwhHZCHtgac4-YiJHElBYhqUu3M/view?usp=drive_link",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1UqJAQiwhHZCHtgac4-YiJHElBYhqUu3M/view?usp=drive_link"
},
{
"refsource": "MISC",
"name": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md",
"url": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md"
}
]
}

61
2024/41xxx/CVE-2024-41197.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41197",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-41197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in Ocuco Innovation - INVCLIENT.EXE v2.10.24.5 allows attackers to bypass authentication and escalate privileges to Administrator via a crafted TCP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/1XgbcJqYIHxAROcCACdgdD8V_97Hcwdze/view?usp=drive_link",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1XgbcJqYIHxAROcCACdgdD8V_97Hcwdze/view?usp=drive_link"
},
{
"refsource": "MISC",
"name": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md",
"url": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md"
}
]
}

61
2024/41xxx/CVE-2024-41198.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41198",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-41198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in Ocuco Innovation - REPORTS.EXE v2.10.24.13 allows attackers to bypass authentication and escalate privileges to Administrator via a crafted TCP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/1k7P36ygRjQE6XfcT-FJgsN2yrtQy2yhH/view?usp=drive_link",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1k7P36ygRjQE6XfcT-FJgsN2yrtQy2yhH/view?usp=drive_link"
},
{
"refsource": "MISC",
"name": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md",
"url": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md"
}
]
}

61
2024/41xxx/CVE-2024-41199.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-41199",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-41199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in Ocuco Innovation - JOBMANAGER.EXE v2.10.24.16 allows attackers to bypass authentication and escalate privileges to Administrator via a crafted TCP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://drive.google.com/file/d/1dVvH9l0gKRK0OPcF6_8yTLPsARKFqWqB/view?usp=drive_link",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/1dVvH9l0gKRK0OPcF6_8yTLPsARKFqWqB/view?usp=drive_link"
},
{
"refsource": "MISC",
"name": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md",
"url": "https://gist.githubusercontent.com/john0x186/1d9cc7fcc8386480d2bdaa9fdcfa914b/raw/d2d3d74ccaa939127ee2b03139061509a7dd238c/full-disclosure.md"
}
]
}

115
2024/5xxx/CVE-2024-5962.json
View File

@ -1,17 +1,124 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5962",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wso2.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the authentication endpoint of multiple WSO2 products due to missing output encoding of user-supplied input. A malicious actor can exploit this vulnerability to inject arbitrary JavaScript into the authentication flow, potentially leading to UI modifications, redirections to malicious websites, or data exfiltration from the browser.\n\nWhile this issue could allow an attacker to manipulate the user\u2019s browser, session-related sensitive cookies remain protected with the httpOnly flag, preventing session hijacking."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "WSO2",
"product": {
"product_data": [
{
"product_name": "WSO2 API Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.2.0",
"version_value": "4.2.0.94"
},
{
"version_affected": "<",
"version_name": "4.3.0",
"version_value": "4.3.0.9"
}
]
}
},
{
"product_name": "WSO2 Identity Server",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.0.0.199"
},
{
"version_affected": "<",
"version_name": "6.1.0",
"version_value": "6.1.0.172"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3443/",
"refsource": "MISC",
"name": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3443/"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "WSO2-2024-3443",
"discovery": "INTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Follow the instructions given on <a target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3443/#solution\">https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3...</a> <br><br>"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3... https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3443/#solution"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}

147
2024/7xxx/CVE-2024-7487.json
View File

@ -1,17 +1,156 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-7487",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wso2.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An improper authentication vulnerability exists in WSO2 Identity Server 7.0.0 due to an implementation flaw that allows app-native authentication to be bypassed when an invalid object is passed.\n\nExploitation of this vulnerability could enable malicious actors to circumvent the client verification mechanism, compromising the integrity of the authentication process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287 Improper Authentication",
"cweId": "CWE-287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "WSO2",
"product": {
"product_data": [
{
"product_name": "WSO2 Identity Server",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7.0.0",
"version_value": "7.0.0.65"
}
]
}
},
{
"product_name": "Client Attestation Filter",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "7.0.26.24",
"status": "affected",
"version": "7.0.26",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0.51",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
}
]
}
},
{
"product_name": "WSO2 Carbon Identity Client Attestation Met Data Mgt BE",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "7.0.78.44",
"status": "affected",
"version": "7.0.78",
"versionType": "custom"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.1.30",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3348/",
"refsource": "MISC",
"name": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3348/"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "WSO2-2024-3348",
"discovery": "INTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<span style=\"background-color: transparent;\">Follow the instructions given on </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3348/#solution\"><span style=\"background-color: transparent;\">https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3348/#solution</span></a> <br>"
}
],
"value": "Follow the instructions given on https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3348/#solution https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3348/#solution"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
}
]
}

18
2025/5xxx/CVE-2025-5096.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-5096",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}