← Back to CVEs
CVE-2025-4394
MEDIUM6.8
Description
Medtronic MyCareLink Patient Monitor uses an unencrypted filesystem on internal storage, which allows an attacker with physical access to read and modify files. This issue affects MyCareLink Patient Monitor models 24950 and 24952: before June 25, 2025
CVE Details
CVSS v3.1 Score6.8
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorPHYSICAL
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published7/24/2025
Last Modified7/25/2025
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-312
References
https://global.medtronic.com/xg-en/product-security/security-bulletins.html(security@medtronic.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.