Medtronic MyCareLink Patient Monitor Unencrypted Filesystem Vulnerability

July 24, 2025 invoker category_cve

CVE Details

Basic Information

Title	Medtronic MyCareLink Patient Monitor Unencrypted Filesystem Vulnerability
Type	cve
Published	2025-07-24T03:26:06.706Z
Modified	2025-07-24T03:26:06.706Z

Product Information

Vendor	Medtronic
Product	MyCareLink Patient Monitor 24950
Version	0

CVSS Information

Base Score	6.8 (MEDIUM)
Attack Vector	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Analysis

AI Description	The Medtronic MyCareLink Patient Monitor has an unencrypted filesystem vulnerability, allowing attackers with physical access to read and modify files. This affects models 24950 and 24952.
AI Severity	Medium
AI Vendor	Medtronic
AI Product	MyCareLink Patient Monitor
AI Version	24950, 24952

Affected Products

Medtronic MyCareLink Patient Monitor 24950 0
Medtronic MyCareLink Patient Monitor 24952 0

Additional Information

CWE List	CWE-312
Source	Medtronic

Description

Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files.

This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025

References

https://global.medtronic.com/xg-en/product-security/security-bulletins.html

View Full CVE Details