CVE-2019-18254
N/A
N/A
Summary
BIOTRONIK CardioMessenger II, The affected products do not encrypt sensitive information while at rest. An attacker with physical access to the CardioMessenger can disclose medical measurement data and the serial number from the implanted cardiac device the CardioMessenger is paired with.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | BIOTRONIK CardioMessenger II-S T-Line, CardioMessenger II-S GSM | CardioMessenger II-S T-Line T4APP 2.20, CardioMessenger II-S GSM T4APP 2.20 | affected |
Weaknesses
- CWE-311: MISSING ENCRYPTION OF SENSITIVE DATA CWE-311
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.