Posted on

CVE-2018-10622 (mycarelink_24950_patient_monitor_firmware, mycarelink_24952_patient_monitor_firmware)

A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected products use per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest.