{"containers": {"cna": {"affected": [{"product": "Conexus Radio Frequency Telemetry Protocol", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "MyCareLink Monitor", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "24950"}, {"status": "affected", "version": "24952"}]}, {"product": "CareLink Monitor", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "2490C"}]}, {"product": "CareLink 2090 Programmer", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Amplia CRT-D", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Claria CRT-D", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Compia CRT-D", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Concerto CRT-D", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Concerto II CRT-D", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Consulta CRT-D", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Evera ICD", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Maximo II CRT-D", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Maximo II ICD", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Mirro ICD", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Nayamed ND ICD", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Primo ICD", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Protecta ICD, Protecta CRT-D", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Secura ICD", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Virtuoso ICD", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Virtuoso II ICD", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Visia AF ICD", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}, {"product": "Viva CRT-D", "vendor": "Medtronic", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2019-03-21T00:00:00", "descriptions": [{"lang": "en", "value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement encryption. An attacker with adjacent short-range access to a target product can listen to communications, including the transmission of sensitive data."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-319", "description": "Cleartext transmission of sensitive information CWE-319", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-03-27T15:03:42", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"}, {"name": "107544", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/107544"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2019-6540", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Conexus Radio Frequency Telemetry Protocol", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "MyCareLink Monitor", "version": {"version_data": [{"version_value": "24950"}, {"version_value": "24952"}]}}, {"product_name": "CareLink Monitor", "version": {"version_data": [{"version_value": "2490C"}]}}, {"product_name": "CareLink 2090 Programmer", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Amplia CRT-D", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Claria CRT-D", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Compia CRT-D", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Concerto CRT-D", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Concerto II CRT-D", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Consulta CRT-D", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Evera ICD", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Maximo II CRT-D", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Maximo II ICD", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Mirro ICD", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Nayamed ND ICD", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Primo ICD", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Protecta ICD, Protecta CRT-D", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Secura ICD", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Virtuoso ICD", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Virtuoso II ICD", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Visia AF ICD", "version": {"version_data": [{"version_value": "n/a"}]}}, {"product_name": "Viva CRT-D", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Medtronic"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement encryption. An attacker with adjacent short-range access to a target product can listen to communications, including the transmission of sensitive data."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cleartext transmission of sensitive information CWE-319"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"}, {"name": "107544", "refsource": "BID", "url": "http://www.securityfocus.com/bid/107544"}]}}}}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2019-6540", "datePublished": "2019-03-26T17:47:23", "dateReserved": "2019-01-22T00:00:00", "dateUpdated": "2019-03-27T15:03:42", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:mycarelink_monitor_24950_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F443021-E300-4FFF-9C57-2492ED18156A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:mycarelink_monitor_24950:-:*:*:*:*:*:*:*", "matchCriteriaId": "72727063-B325-4B3F-9EC7-84D108132310", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:mycarelink_monitor_24952_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "15E9E727-AE85-4A57-A703-CC33F69B37A2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:mycarelink_monitor_24952:-:*:*:*:*:*:*:*", "matchCriteriaId": "B55FAA47-3C6F-4EDB-B061-09951AC4675C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:carelink_monitor_2490c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6355A1D-E9CC-45E4-A287-9D53CB908BC6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:carelink_monitor_2490c:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F7E9489-DAFA-4115-B238-4E7CEA951DB3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:carelink_2090_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8FE6438F-F84A-4876-B13E-4C06050EF7D4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:carelink_2090:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA96FB28-A2B2-4144-87F2-19D0EEB3CBB2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:amplia_crt-d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "53F40F63-1FFD-4F1D-BB91-A0109CCE62A3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:amplia_crt-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "E64609AE-EA44-423A-B0E1-5FBF219165C9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:claria_crt-d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A9F3C231-C8D2-40A1-BA0D-8381208AD3B5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:claria_crt-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "756E8B59-2D00-4647-8DCE-A293626FFFDD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:compia_crt-d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "832EC0E7-9AD0-42E9-9663-F9033763ADF1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:compia_crt-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "41A7F4D2-233C-4BF7-9054-C814CE5110DF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:concerto_crt-d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "008FD034-1206-41DA-9537-1F4244236286", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:concerto_crt-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "94A17D5C-5BC8-4066-8C2C-7AB6CA25B4F0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:concerto_ii_crt-d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FA48969-0F33-434D-B210-B18D0459316C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:concerto_ii_crt-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "77FD6FAE-32FD-48DD-8A95-881C9373F9EE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:consulta_crt-d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D02CD1C6-9229-408A-8E6E-CAB394DC489A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:consulta_crt-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6347AAA-ACB2-4CDF-B3F5-49CA8BB17577", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:evera_icd_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "64C40F66-1FA6-4DC6-BA87-4D7811650F81", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:evera_icd:-:*:*:*:*:*:*:*", "matchCriteriaId": "DEBB88DD-94C3-478D-8AFE-BC63BA73E94C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:maximo_ii_crt-d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5FAFA3B0-D7F1-4C21-AEDD-5E631B0911A2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:maximo_ii_crt-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "6DBEB243-52D7-4234-ADE6-82A512D4D32A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:maximo_ii_icd_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BFC24421-D3A1-48DB-9646-69B0C504F9D8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:maximo_ii_icd:-:*:*:*:*:*:*:*", "matchCriteriaId": "70C76A8B-0478-4509-8D89-E3A4DD88666F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:mirro_icd_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FBAA5C99-D5AA-4377-86A0-48862582F769", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:mirro_icd:-:*:*:*:*:*:*:*", "matchCriteriaId": "1525A59B-E8F7-43FD-8ECD-5546C4E268F6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:nayamed_nd_icd_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F92F9AA6-56B1-4969-AADD-0D181F1F26F5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:nayamed_nd_icd:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6BA1499-CB4E-4067-984E-048CADDB5473", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:primo_icd_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "374D02EF-E15A-4C1A-BB1B-770F3FB75EC7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:primo_icd:-:*:*:*:*:*:*:*", "matchCriteriaId": "1941334A-A540-4ED3-8DCF-9298DC18D67E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:protecta_icd_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3009F789-2538-4E16-AA8C-A53E86481BFB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:protecta_icd:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABC6DC8C-A2CE-42B4-8E40-34D96CE68D9A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:protecta_crt-d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "265C5C70-FD73-4A5D-91AE-F5C1CD912369", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:protecta_crt-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1EDDCB8-30F5-474B-9A93-772E16F584B4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:secura_icd_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "348706DF-2F3D-4875-9450-218A2A4E9210", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:secura_icd:-:*:*:*:*:*:*:*", "matchCriteriaId": "A82FFC9C-960C-4709-AB17-0D6C7BC0E39E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:virtuoso_icd_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "85BD02A6-B421-4E90-A91E-D966F3CE70A8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:virtuoso_icd:-:*:*:*:*:*:*:*", "matchCriteriaId": "618D26D4-6690-4F17-B9F5-2CD05486EB65", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:virtuoso_ii_icd_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F9B06688-4AF7-4354-A6AF-B335424F1D51", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:virtuoso_ii_icd:-:*:*:*:*:*:*:*", "matchCriteriaId": "C2F9A58D-D3E8-4E57-93D9-A1FB1BEB65D6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:visia_af_icd_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D21AD86-5D91-4279-8A54-9A6E6A1B6960", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:visia_af_icd:-:*:*:*:*:*:*:*", "matchCriteriaId": "17418686-EC2F-4FDB-88F8-2B4C60A8B48D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:medtronic:viva_crt-d_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "468772A4-BCD2-4884-A7C0-4CD49DFC6C1E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:medtronic:viva_crt-d:-:*:*:*:*:*:*:*", "matchCriteriaId": "7222E296-5DA5-4611-BA1C-85059D7918A0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement encryption. An attacker with adjacent short-range access to a target product can listen to communications, including the transmission of sensitive data."}, {"lang": "es", "value": "El protocolo de telemetr\u00eda Conexus empleado en Medtronic MyCareLink Monitor, en las versiones 24950 y 24952; CareLink Monitor, en su versi\u00f3n 2490C; CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D y ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD y CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD y Viva CRT-D no implementan cifrado. Un atacante con acceso adyacente de rango corto a un producto objetivo puede escuchar las comunicaciones, incluyendo la transmisi\u00f3n de datos sensibles."}], "id": "CVE-2019-6540", "lastModified": "2021-11-03T18:57:30.320", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-03-26T18:29:01.060", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Broken Link"], "url": "http://www.securityfocus.com/bid/107544"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["US Government Resource", "Third Party Advisory"], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-080-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-319"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-319"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}

{}