QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-10631

Back to search

CVE-2018-10631

Published: Jul 13, 2018

Modified: Aug 26, 2025

PUBLISHED

CVSS v3.1

6.3

MEDIUM

Description

The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection mechanisms, this malicious code will be run when the card is inserted into an 8840 Clinician Programmer.

VendorProductVersions

Medtronic

8840 N’Vision Clinician Programmer

affected
All versions

Medtronic

8870 N’Vision removable Application Card

affected
All versions

Weaknesses (CWE)

CWE-693

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Physical

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now