CVE-2019-18252

Summary

BIOTRONIK CardioMessenger II, The affected products allow credential reuse for multiple authentication purposes. An attacker with adjacent access to the CardioMessenger can disclose its credentials used for connecting to the BIOTRONIK Remote Communication infrastructure.

Affected Software

VendorProductVersion RangeStatus
n/aBIOTRONIK CardioMessenger II-S T-Line, CardioMessenger II-S GSMCardioMessenger II-S T-Line T4APP 2.20, CardioMessenger II-S GSM T4APP 2.20affected

Weaknesses

  • CWE-287: IMPROPER AUTHENTICATION CWE-287

ADP Enrichment

CVE Program Container

Additional References

References