Vulnerability Details CVE-2018-10631
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer and 8870 N'Vision removable application card does not encrypt PII and PHI while at rest.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.1%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 4.6
References
- http://www.securityfocus.com/bid/104213
- https://global.medtronic.com/xg-en/product-security/security-bulletins/nvision.html
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01
- https://www.medtronic.com/security
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01
- https://www.medtronic.com/security
Products affected by CVE-2018-10631
-
cpe:2.3:h:medtronic:n'vision_8840:-
-
cpe:2.3:h:medtronic:n'vision_8870:-
-
cpe:2.3:o:medtronic:n'vision_8840_firmware:-
-
cpe:2.3:o:medtronic:n'vision_8870_firmware:-