\n\nMedtronic MiniMed MMT \n\ndevices when paired with a remote controller and having the “easy bolus” and “remote bolus” options enabled (non-default), are vulnerable to a capture-replay attack. An attacker can capture the wireless transmissions between the remote controller and the pump and replay them to cause an insulin (bolus) delivery.\n\n\n\n
"}],"value":"Medtronic MiniMed MMT \n\ndevices when paired with a remote controller and having the “easy bolus” and “remote bolus” options enabled (non-default), are vulnerable to a capture-replay attack. An attacker can capture the wireless transmissions between the remote controller and the pump and replay them to cause an insulin (bolus) delivery."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"ADJACENT_NETWORK","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-294","description":"CWE-294 Authentication Bypass by Capture-replay","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","shortName":"icscert","dateUpdated":"2025-05-22T16:33:08.385Z"},"references":[{"url":"https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed.html"},{"name":"105044","url":"https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"},{"tags":["vdb-entry"],"url":"http://www.securityfocus.com/bid/105044"}],"source":{"advisory":"ICSMA-18-219-02","discovery":"EXTERNAL"},"title":"Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Authentication Bypass by Capture-replay","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"The remote option is turned off in the pump by default.
Medtronic is directing all users to stop using their remote controllers, disable the remote option on their insulin pump, and to return the remote controllers to Medtronic.
Medtronic has released additional patient focused information.
Additionally, Medtronic will be sending a letter to patients who may still be actively using the remotes in order to inform patients about these security risks, and request patients stop using the remote and return them to Medtronic.
"}],"value":"The remote option is turned off in the pump by default. \n\nMedtronic is directing all users to stop using their remote controllers, disable the remote option on their insulin pump, and to return the remote controllers to Medtronic. \n\nMedtronic has released additional patient focused information https://www.medtronic.com/security .\n\nAdditionally, Medtronic will be sending a letter to patients who may still be actively using the remotes in order to inform patients about these security risks, and request patients stop using the remote and return them to Medtronic."}],"x_generator":{"engine":"Vulnogram 0.2.0"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"ics-cert@hq.dhs.gov","DATE_PUBLIC":"2018-08-08T00:00:00","ID":"CVE-2018-10634","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Medtronic insulin pump","version":{"version_data":[{"version_value":"MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G"}]}}]},"vendor_name":"ICS-CERT"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G communications between the pump and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319"}]}]},"references":{"reference_data":[{"name":"https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02","refsource":"MISC","url":"https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"},{"name":"105044","refsource":"BID","url":"http://www.securityfocus.com/bid/105044"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T09:38:13.831Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02"},{"name":"105044","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/105044"}]}]},"cveMetadata":{"assignerOrgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","assignerShortName":"icscert","cveId":"CVE-2018-14781","datePublished":"2018-08-13T22:00:00.000Z","dateReserved":"2018-08-01T00:00:00.000Z","dateUpdated":"2025-05-22T16:33:08.385Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}