CVE-2020-27270

Summary

SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communication protocol of the insulin pump & AnyDana-i,AnyDana-A mobile apps doesnt use adequate measures to protect encryption keys in transit which allows unauthenticated physically proximate attacker to sniff keys via (BLE).

Affected Software

VendorProductVersion RangeStatus
n/aSOOIL Developments CoLtd DiabecareRS,AnyDana-i,AnyDana-ADana DiabecareRS,AnyDana-i,AnyDana-A,versions prior to 3.0affected

Weaknesses

  • UNPROTECTED TRANSPORT OF CREDENTIALS CWE523

ADP Enrichment

CVE Program Container

Additional References

References