CVE-2022-32537 - OpenCVE

A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced technical knowledge is required for exploitation. Please refer to the Medtronic Product Security Bulletin for guidance

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Medtronic	Minimed 670g Mmt-1761 Firmware Mmt-1151 Firmware Guardian Link 2 Transmitter Mmt-7738 Minimed 670g Mmt-1742 Firmware Guardian Link 3 Transmitter Mmt-7810 Minimed 670g Mmt-1782 Firmware Minimed 630g Mmt-1755 Firmware Minimed 630g Mmt-1754 Firmware Mmt-1352 Minimed 670g Mmt-1760 Firmware Minimed 640g Mmt-1711 Minimed 630g Mmt-1755 Mmt-1352 Firmware Guardian Link 3 Transmitter Mmt-7811 Guardian Link 2 Transmitter Mmt-7738 Firmware Minimed 640g Mmt-1751 Guardian Link 2 Transmitter Mmt-7775 Minimed 630g Mmt-1715 Minimed 670g Mmt-1741 Firmware Minimed 670g Mmt-1780 Firmware Mmt-1151 Mmt-1152 Minimed 670g Mmt-1741 Minimed 670g Mmt-1781 Firmware Guardian Link 2 Transmitter Mmt-7731 Firmware Guardian Link 2 Transmitter Mmt-7731 Minimed 640g Mmt-1711 Firmware Mmt-1351 Firmware Minimed 620g Mmt-1750 Minimed 640g Mmt-1712 Firmware Guardian Link 2 Transmitter Mmt-7730 Firmware Minimed 620g Mmt-1750 Firmware Guardian Link 3 Transmitter Mmt-7811 Firmware Minimed 670g Mmt-1760 Guardian Link 2 Transmitter Mmt-7730 Minimed 640g Mmt-1752 Minimed 670g Mmt-1740 Firmware Minimed 670g Mmt-1780 Guardian Link 3 Transmitter Mmt-7810 Firmware Minimed 640g Mmt-1752 Firmware Minimed 640g Mmt-1712 Minimed 670g Mmt-1742 Minimed 670g Mmt-1781 Minimed 670g Mmt-1740 Mmt-7306 Minimed 670g Mmt-1762 Firmware Mmt-7306 Firmware Minimed 640g Mmt-1751 Firmware Minimed 670g Mmt-1782 Minimed 670g Mmt-1762 Minimed 630g Mmt-1715 Firmware Minimed 630g Mmt-1754 Minimed 670g Mmt-1761 Mmt-1351 Mmt-1152 Firmware Guardian Link 2 Transmitter Mmt-7775 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:medtronic:guardian_link_2_transmitter_mmt-7730_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_2_transmitter_mmt-7730:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:medtronic:guardian_link_2_transmitter_mmt-7731_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_2_transmitter_mmt-7731:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:medtronic:guardian_link_2_transmitter_mmt-7738_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_2_transmitter_mmt-7738:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:medtronic:guardian_link_2_transmitter_mmt-7775_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_2_transmitter_mmt-7775:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:medtronic:guardian_link_3_transmitter_mmt-7810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_3_transmitter_mmt-7810:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:medtronic:guardian_link_3_transmitter_mmt-7811_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_3_transmitter_mmt-7811:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:medtronic:minimed_620g_mmt-1750_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_620g_mmt-1750:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:medtronic:minimed_630g_mmt-1715_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_630g_mmt-1715:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:medtronic:minimed_630g_mmt-1754_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_630g_mmt-1754:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:medtronic:minimed_630g_mmt-1755_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_630g_mmt-1755:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:medtronic:minimed_640g_mmt-1711_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_640g_mmt-1711:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:medtronic:minimed_640g_mmt-1712_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_640g_mmt-1712:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:medtronic:minimed_640g_mmt-1751_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_640g_mmt-1751:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:medtronic:minimed_640g_mmt-1752_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_640g_mmt-1752:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1740_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1740:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1741_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1741:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1742_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1742:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1760_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1760:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1761_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1761:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1762_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1762:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1780_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1780:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1781_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1781:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1782_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1782:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:medtronic:mmt-1151_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-1151:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:medtronic:mmt-1152_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-1152:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:medtronic:mmt-1351_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-1351:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:medtronic:mmt-1352_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-1352:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:medtronic:mmt-7306_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-7306:-:*:*:*:*:*:*:*

References

Link	Resource
https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed-600-series-communication-issue.html	Mitigation Vendor Advisory
https://www.cisa.gov/uscert/ics/advisories/icsma-22-263-01	Third Party Advisory US Government Resource