CVE-2018-10622 MEDIUM

CVE-2018-10622: Medtronic MyCareLink 24950 Patient Monitor Cleartext Storage in a File or on Disk

Vendor Medtronic
Product 24950 MyCareLink Monitor
Weakness CWE-313
Published August 10, 2018
Last update June 4, 2026

CVSS base score

6.8/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data.

Key dates

02Disclosure timeline

August 10, 2018 CVE published
June 4, 2026 Record updated

Related vulnerabilities

04Related CVE