CVE-2018-8849

Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions does not encrypt PII and PHI while at rest.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.6 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
medtronicn\'vision_8840_firmware
-
medtronicn\'vision_8870_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf
http://www.securityfocus.com/bid/104213
https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01
http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf
http://www.securityfocus.com/bid/104213
https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01