How severe is CVE-2020-27252?

CVE-2020-27252 has a CVSS v3 score of 8.8 (HIGH).

CVE-2020-27252

Name: mycarelink_smart_model_25000
Author: medtronic

8.8HIGH

Medtronic MyCareLink Smart 25000 is vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient R

게시됨: 12/14/2020업데이트됨: 5/22/2025

설명

Medtronic MyCareLink Smart 25000 is vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited, an attacker could remotely execute code on the MCL Smart Patient Reader device, leading to control of the device.

AI 분석AI 기반

영향받는 제품

medtronicmycarelink_smart_model_25000_firmware

medtronicmycarelink_smart_model_25000

참조

https://global.medtronic.com/xg-en/product-security/security-bulletins/mycarelink-smart-security-vulnerability-patch.html
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-20-345-01
https://us-cert.cisa.gov/ics/advisories/icsma-20-345-01
Third Party AdvisoryUS Government Resource