CVE-2020-27269

CVE-2020-27269

Vendor N/A
Product SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A
Weakness CWE-294
Published January 19, 2021
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications lacks replay protection measures, which allows unauthenticated, physically proximate attackers to replay communication sequences via Bluetooth Low Energy.

Key dates

02Disclosure timeline

January 19, 2021 CVE published
August 4, 2024 Record updated