QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-12712

Back to search

CVE-2017-12712

Published: Apr 25, 2018

Modified: Sep 17, 2024

PUBLISHED

Description

The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF communications. CVSS v3 base score: 7.5, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. Abbott has developed a firmware update to help mitigate the identified vulnerabilities.

VendorProductVersions

Abbott Laboratories

Accent/Anthem, Accent MRI, Assurity/Allure, and Assurity MRI.

affected
All versions of pacemakers manufactured prior to August 28, 2017

Weaknesses (CWE)

CWE-287

References

100523
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now