Sploit.io - Search

CVE-2018-8849

Severity: MEDIUM

Description: Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programme and 8870 N'Vision removable Application Card do not encrypt PII and PHI while at rest.

Affected Products:

• Medtronic N'Vision Clinician Programmer - Versions: all versions
• Medtronic 8870 N’Vision removable Application Card - Versions: all versions

References:

• http://www.securityfocus.com/bid/104213
• https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-137-01
• http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf
• https://www.medtronic.com/security