The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF communications. CVSS v3 base score: 7.5, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. Abbott has developed a firmware update to help mitigate the identified vulnerabilities.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/100523 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSMA-17-241-01 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2017-08-29T00:00:00
Updated: 2018-04-26T09:57:01
Reserved: 2017-08-09T00:00:00
Link: CVE-2017-12712
JSON object: View
NVD Information
Status : Modified
Published: 2018-04-25T13:29:00.227
Modified: 2019-10-09T23:23:11.170
Link: CVE-2017-12712
JSON object: View
Redhat Information
No data.
CWE