CVE-2019-18248

Summary

BIOTRONIK CardioMessenger II, The affected products transmit credentials in clear-text prior to switching to an encrypted communication channel. An attacker can disclose the product’s client credentials for connecting to the BIOTRONIK Remote Communication infrastructure.

Affected Software

VendorProductVersion RangeStatus
n/aBIOTRONIK CardioMessenger II-S T-Line, CardioMessenger II-S GSMCardioMessenger II-S T-Line T4APP 2.20, CardioMessenger II-S GSM T4APP 2.20affected

Weaknesses

  • CWE-319: CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319

ADP Enrichment

CVE Program Container

Additional References

References