CVE-2020-27264
8.8HIGHIn SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications use deterministic keys, which a
Veröffentlicht: 1/19/2021Aktualisiert: 11/21/2024
Beschreibung
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications use deterministic keys, which allows unauthenticated, physically proximate attackers to brute-force the keys via Bluetooth Low Energy.
KI-AnalyseKI-gestützt
Betroffene Produkte
sooilanydana-a_firmware
sooilanydana-a
-
sooilanydana-i_firmware
sooilanydana-i
-
sooildiabecare_rs_firmware
sooildiabecare_rs
-
Referenzen
- https://us-cert.cisa.gov/ics/advisories/icsma-21-012-01Third Party AdvisoryUS Government Resource
- https://us-cert.cisa.gov/ics/advisories/icsma-21-012-01Third Party AdvisoryUS Government Resource