CVE-2017-12712

CVE-2017-12712

Vendor Abbott Laboratories
Product Accent/Anthem, Accent MRI, Assurity/Allure, and Assurity MRI.
Weakness CWE-287 · Improper authentication
Published April 25, 2018
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF communications. CVSS v3 base score: 7.5, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. Abbott has developed a firmware update to help mitigate the identified vulnerabilities.

Key dates

02Disclosure timeline

April 25, 2018 CVE published
September 17, 2024 Record updated