CVE-2017-5149
Published: Feb 13, 2017
Modified: Aug 5, 2024
Description
An issue was discovered in St. Jude Medical Merlin@home, versions prior to Version 8.2.2 (RF models: EX1150; Inductive models: EX1100; and Inductive models: EX1100 with MerlinOnDemand capability). The identities of the endpoints for the communication channel between the transmitter and St. Jude Medical's web site, Merlin.net, are not verified. This may allow a man-in-the-middle attacker to access or influence communications between the identified endpoints.
| Vendor | Product | Versions |
|---|---|---|
n/a | St. Jude Merlin@home Transmitter before 8.2.2 | affected St. Jude Merlin@home Transmitter before 8.2.2 |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now