
    10 vulnerabilities found for MyCareLink Patient Monitor 24950 by Medtronic

    CVE-2025-4397 (GCVE-0-2025-4397)

    Vulnerability from nvd – Published: 2026-05-07 15:03 – Updated: 2026-05-07 15:45
    VLAI
    Title
    Medtronic MyCareLink Patient Monitor Data Encryption Weakness
    Summary
    Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-313 - Cleartext storage in a file or on disk
    Assigner
    Impacted products
    Vendor Product Version
    Medtronic MyCareLink Patient Monitor 24950 Affected: 0 , < February 25, 2026 (custom)
    Medtronic MyCareLink Patient Monitor 24952 Affected: 0 , < February 25, 2026 (custom)
    Credits
    Ethan Morchy, with Somerset Recon; Carl Mann, independent researcher; Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4397",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-07T15:45:00.819845Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-07T15:45:18.202Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24950",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "February 25, 2026",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24952",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "February 25, 2026",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ethan Morchy, with Somerset Recon"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Carl Mann, independent researcher"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data."
                }
              ],
              "value": "Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-49",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-49 Password Brute Forcing"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-313",
                  "description": "CWE-313 Cleartext storage in a file or on disk",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T15:03:35.674Z",
            "orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
            "shortName": "Medtronic"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-patient-monitor-vulnerabilities.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-8-7-18.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-219-01"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Medtronic MyCareLink Patient Monitor Data Encryption Weakness",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
        "assignerShortName": "Medtronic",
        "cveId": "CVE-2025-4397",
        "datePublished": "2026-05-07T15:03:35.674Z",
        "dateReserved": "2025-05-06T20:24:40.064Z",
        "dateUpdated": "2026-05-07T15:45:18.202Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4386 (GCVE-0-2025-4386)

    Vulnerability from nvd – Published: 2026-05-07 15:00 – Updated: 2026-05-07 15:43
    VLAI
    Title
    Medtronic MyCareLink Patient Monitor Hardware Debug Port
    Summary
    Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to reach a login prompt via a UART terminal.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1263 - Improper Physical Access Control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Medtronic MyCareLink Patient Monitor 24950 Affected: 0 , < February 25, 2026 (custom)
    Medtronic MyCareLink Patient Monitor 24952 Affected: 0 , < February 25, 2026 (custom)
    Credits
    Ethan Morchy, with Somerset Recon; Carl Mann, independent researcher

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4386",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-07T15:43:31.207004Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-07T15:43:39.136Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24950",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "February 25, 2026",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24952",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "February 25, 2026",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ethan Morchy, with Somerset Recon"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Carl Mann, independent researcher"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal.\u200b"
                }
              ],
              "value": "Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal.\u200b"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-401",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-401 Physically Hacking Hardware"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1263",
                  "description": "CWE-1263: Improper Physical Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T15:00:21.310Z",
            "orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
            "shortName": "Medtronic"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-patient-monitor-vulnerabilities.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Medtronic MyCareLink Patient Monitor Hardware Debug Port",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
        "assignerShortName": "Medtronic",
        "cveId": "CVE-2025-4386",
        "datePublished": "2026-05-07T15:00:21.310Z",
        "dateReserved": "2025-05-06T16:28:04.304Z",
        "dateUpdated": "2026-05-07T15:43:39.136Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4395 (GCVE-0-2025-4395)

    Vulnerability from nvd – Published: 2025-07-24 03:30 – Updated: 2026-03-27 20:10
    VLAI
    Title
    Medtronic MyCareLink Patient Monitor Empty Password Vulnerability
    Summary
    Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access and modify system functionality. This issue affects MyCareLink Patient Monitor models 24950 and 24952 before June 25, 2025.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-258 - Empty Password in Configuration File
    Assigner
    References
    Impacted products
    Credits
    Ethan Morchy, with Somerset Recon; Carl Mann, independent researcher

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4395",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-24T13:18:46.616820Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-24T13:18:56.146Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24950",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "June 25, 2025",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24952",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "June 25, 2025",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ethan Morchy, with Somerset Recon"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Carl Mann, independent researcher"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. \u003cbr\u003e\u003cbr\u003eThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025\u003cbr\u003e"
                }
              ],
              "value": "Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. \n\nThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-258",
                  "description": "CWE-258 Empty Password in Configuration File",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T20:10:12.703Z",
            "orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
            "shortName": "Medtronic"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-patient-monitor-vulnerabilities.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Medtronic MyCareLink Patient Monitor Empty Password Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
        "assignerShortName": "Medtronic",
        "cveId": "CVE-2025-4395",
        "datePublished": "2025-07-24T03:30:24.185Z",
        "dateReserved": "2025-05-06T20:01:00.625Z",
        "dateUpdated": "2026-03-27T20:10:12.703Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4394 (GCVE-0-2025-4394)

    Vulnerability from nvd – Published: 2025-07-24 03:26 – Updated: 2026-03-27 19:40
    VLAI
    Title
    Medtronic MyCareLink Patient Monitor Unencrypted Filesystem Vulnerability
    Summary
    Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. This issue affects MyCareLink Patient Monitor models 24950 and 24952 before June 25, 2025.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-312 - Cleartext Storage of Sensitive Information
    Assigner
    References
    Impacted products
    Credits
    Ethan Morchy, with Somerset Recon; Carl Mann, independent researcher

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4394",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-24T13:19:43.967176Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-24T13:19:47.565Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24950",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "June 25, 2025",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24952",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "June 25, 2025",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ethan Morchy, with Somerset Recon"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Carl Mann, independent researcher"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. \u003cbr\u003e\u003cbr\u003eThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025\u003cbr\u003e"
                }
              ],
              "value": "Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. \n\nThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-312",
                  "description": "CWE-312 Cleartext Storage of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T19:40:02.815Z",
            "orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
            "shortName": "Medtronic"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-patient-monitor-vulnerabilities.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Medtronic MyCareLink Patient Monitor Unencrypted Filesystem Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
        "assignerShortName": "Medtronic",
        "cveId": "CVE-2025-4394",
        "datePublished": "2025-07-24T03:26:06.706Z",
        "dateReserved": "2025-05-06T20:00:59.768Z",
        "dateUpdated": "2026-03-27T19:40:02.815Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4393 (GCVE-0-2025-4393)

    Vulnerability from nvd – Published: 2025-07-24 03:22 – Updated: 2026-03-27 19:38
    VLAI
    Title
    Medtronic MyCareLink Patient Monitor Deserialization Vulnerability
    Summary
    Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or elevate privileges. This issue affects MyCareLink Patient Monitor models 24950 and 24952 before June 25, 2025.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-502 - Deserialization of Untrusted Data
    Assigner
    References
    Impacted products
    Credits
    Ethan Morchy, with Somerset Recon; Carl Mann, independent researcher

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4393",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-24T14:33:13.440835Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-24T14:33:18.381Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24950",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "June 25, 2025",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24952",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "June 25, 2025",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ethan Morchy, with Somerset Recon"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Carl Mann, independent researcher"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or elevate privileges. \u003cbr\u003e\u003cbr\u003eThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025\u003cbr\u003e"
                }
              ],
              "value": "Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or elevate privileges. \n\nThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-502",
                  "description": "CWE-502 Deserialization of Untrusted Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T19:38:42.742Z",
            "orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
            "shortName": "Medtronic"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-patient-monitor-vulnerabilities.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Medtronic MyCareLink Patient Monitor Deserialization Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
        "assignerShortName": "Medtronic",
        "cveId": "CVE-2025-4393",
        "datePublished": "2025-07-24T03:22:20.208Z",
        "dateReserved": "2025-05-06T20:00:56.804Z",
        "dateUpdated": "2026-03-27T19:38:42.742Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4397 (GCVE-0-2025-4397)

    Vulnerability from cvelistv5 – Published: 2026-05-07 15:03 – Updated: 2026-05-07 15:45
    VLAI
    Title
    Medtronic MyCareLink Patient Monitor Data Encryption Weakness
    Summary
    Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-313 - Cleartext storage in a file or on disk
    Assigner
    Impacted products
    Vendor Product Version
    Medtronic MyCareLink Patient Monitor 24950 Affected: 0 , < February 25, 2026 (custom)
    Medtronic MyCareLink Patient Monitor 24952 Affected: 0 , < February 25, 2026 (custom)
    Credits
    Ethan Morchy, with Somerset Recon; Carl Mann, independent researcher; Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4397",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-07T15:45:00.819845Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-07T15:45:18.202Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24950",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "February 25, 2026",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24952",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "February 25, 2026",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ethan Morchy, with Somerset Recon"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Carl Mann, independent researcher"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC reported these vulnerabilities"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data."
                }
              ],
              "value": "Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-49",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-49 Password Brute Forcing"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-313",
                  "description": "CWE-313 Cleartext storage in a file or on disk",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T15:03:35.674Z",
            "orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
            "shortName": "Medtronic"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-patient-monitor-vulnerabilities.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-8-7-18.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-219-01"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Medtronic MyCareLink Patient Monitor Data Encryption Weakness",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
        "assignerShortName": "Medtronic",
        "cveId": "CVE-2025-4397",
        "datePublished": "2026-05-07T15:03:35.674Z",
        "dateReserved": "2025-05-06T20:24:40.064Z",
        "dateUpdated": "2026-05-07T15:45:18.202Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4386 (GCVE-0-2025-4386)

    Vulnerability from cvelistv5 – Published: 2026-05-07 15:00 – Updated: 2026-05-07 15:43
    VLAI
    Title
    Medtronic MyCareLink Patient Monitor Hardware Debug Port
    Summary
    Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to reach a login prompt via a UART terminal.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1263 - Improper Physical Access Control
    Assigner
    References
    Impacted products
    Vendor Product Version
    Medtronic MyCareLink Patient Monitor 24950 Affected: 0 , < February 25, 2026 (custom)
    Medtronic MyCareLink Patient Monitor 24952 Affected: 0 , < February 25, 2026 (custom)
    Credits
    Ethan Morchy, with Somerset Recon; Carl Mann, independent researcher

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4386",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-07T15:43:31.207004Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-07T15:43:39.136Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24950",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "February 25, 2026",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24952",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "February 25, 2026",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ethan Morchy, with Somerset Recon"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Carl Mann, independent researcher"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal.\u200b"
                }
              ],
              "value": "Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal.\u200b"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-401",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-401 Physically Hacking Hardware"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1263",
                  "description": "CWE-1263: Improper Physical Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-07T15:00:21.310Z",
            "orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
            "shortName": "Medtronic"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-patient-monitor-vulnerabilities.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Medtronic MyCareLink Patient Monitor Hardware Debug Port",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
        "assignerShortName": "Medtronic",
        "cveId": "CVE-2025-4386",
        "datePublished": "2026-05-07T15:00:21.310Z",
        "dateReserved": "2025-05-06T16:28:04.304Z",
        "dateUpdated": "2026-05-07T15:43:39.136Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4395 (GCVE-0-2025-4395)

    Vulnerability from cvelistv5 – Published: 2025-07-24 03:30 – Updated: 2026-03-27 20:10
    VLAI
    Title
    Medtronic MyCareLink Patient Monitor Empty Password Vulnerability
    Summary
    Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access and modify system functionality. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-258 - Empty Password in Configuration File
    Assigner
    References
    Impacted products
    Credits
    Ethan Morchy, with Somerset Recon; Carl Mann, independent researcher

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4395",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-24T13:18:46.616820Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-24T13:18:56.146Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24950",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "June 25, 2025",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24952",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "June 25, 2025",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ethan Morchy, with Somerset Recon"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Carl Mann, independent researcher"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. \u003cbr\u003e\u003cbr\u003eThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025\u003cbr\u003e"
                }
              ],
              "value": "Medtronic MyCareLink Patient Monitor has a built-in user account with an empty password, which allows an attacker with physical access to log in with no password and access modify system functionality. \n\nThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-258",
                  "description": "CWE-258 Empty Password in Configuration File",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T20:10:12.703Z",
            "orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
            "shortName": "Medtronic"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-patient-monitor-vulnerabilities.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Medtronic MyCareLink Patient Monitor Empty Password Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
        "assignerShortName": "Medtronic",
        "cveId": "CVE-2025-4395",
        "datePublished": "2025-07-24T03:30:24.185Z",
        "dateReserved": "2025-05-06T20:01:00.625Z",
        "dateUpdated": "2026-03-27T20:10:12.703Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4394 (GCVE-0-2025-4394)

    Vulnerability from cvelistv5 – Published: 2025-07-24 03:26 – Updated: 2026-03-27 19:40
    VLAI
    Title
    Medtronic MyCareLink Patient Monitor Unencrypted Filesystem Vulnerability
    Summary
    Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-312 - Cleartext Storage of Sensitive Information
    Assigner
    References
    Impacted products
    Credits
    Ethan Morchy, with Somerset Recon; Carl Mann, independent researcher

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4394",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-24T13:19:43.967176Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-24T13:19:47.565Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24950",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "June 25, 2025",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24952",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "June 25, 2025",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ethan Morchy, with Somerset Recon"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Carl Mann, independent researcher"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. \u003cbr\u003e\u003cbr\u003eThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025\u003cbr\u003e"
                }
              ],
              "value": "Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. \n\nThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-312",
                  "description": "CWE-312 Cleartext Storage of Sensitive Information",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T19:40:02.815Z",
            "orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
            "shortName": "Medtronic"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-patient-monitor-vulnerabilities.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Medtronic MyCareLink Patient Monitor Unencrypted Filesystem Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
        "assignerShortName": "Medtronic",
        "cveId": "CVE-2025-4394",
        "datePublished": "2025-07-24T03:26:06.706Z",
        "dateReserved": "2025-05-06T20:00:59.768Z",
        "dateUpdated": "2026-03-27T19:40:02.815Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4393 (GCVE-0-2025-4393)

    Vulnerability from cvelistv5 – Published: 2025-07-24 03:22 – Updated: 2026-03-27 19:38
    VLAI
    Title
    Medtronic MyCareLink Patient Monitor Deserialization Vulnerability
    Summary
    Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or elevate privileges. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-502 - Deserialization of Untrusted Data
    Assigner
    References
    Impacted products
    Credits
    Ethan Morchy, with Somerset Recon; Carl Mann, independent researcher

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4393",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-24T14:33:13.440835Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-24T14:33:18.381Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24950",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "June 25, 2025",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "MyCareLink Patient Monitor 24952",
              "vendor": "Medtronic",
              "versions": [
                {
                  "lessThan": "June 25, 2025",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ethan Morchy, with Somerset Recon"
            },
            {
              "lang": "en",
              "type": "finder",
              "value": "Carl Mann, independent researcher"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or elevate privileges. \u003cbr\u003e\u003cbr\u003eThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025\u003cbr\u003e"
                }
              ],
              "value": "Medtronic MyCareLink Patient Monitor has an internal service that deserializes data, which allows a local attacker to interact with the service by crafting a binary payload to crash the service or elevate privileges. \n\nThis issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-502",
                  "description": "CWE-502 Deserialization of Untrusted Data",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-27T19:38:42.742Z",
            "orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
            "shortName": "Medtronic"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.medtronic.com/en-us/e/product-security/security-bulletins/mycarelink-patient-monitor-vulnerabilities.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Medtronic MyCareLink Patient Monitor Deserialization Vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4",
        "assignerShortName": "Medtronic",
        "cveId": "CVE-2025-4393",
        "datePublished": "2025-07-24T03:22:20.208Z",
        "dateReserved": "2025-05-06T20:00:56.804Z",
        "dateUpdated": "2026-03-27T19:38:42.742Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }