CVE-2017-12716
Summary
| CVE | CVE-2017-12716 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-04-25 13:29:00 UTC |
| Updated | 2019-10-09 23:23:00 UTC |
| Description | Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit unencrypted patient information via RF communications to programmers and home monitoring units. Additionally, the Accent and Anthem pacemakers store the optional patient information without encryption. CVSS v3 base score: 3.1, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N. Abbott has developed a firmware update to help mitigate the identified vulnerabilities. |
Risk And Classification
Problem Types: CWE-319
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Abbott | Accent | - | All | All | All |
| Hardware | Abbott | Accent | - | All | All | All |
| Operating System | Abbott | Accent Firmware | All | All | All | All |
| Operating System | Abbott | Accent Firmware | All | All | All | All |
| Hardware | Abbott | Accent Mri | - | All | All | All |
| Hardware | Abbott | Accent Mri | - | All | All | All |
| Operating System | Abbott | Accent Mri Firmware | All | All | All | All |
| Operating System | Abbott | Accent Mri Firmware | All | All | All | All |
| Hardware | Abbott | Accent St | - | All | All | All |
| Hardware | Abbott | Accent St | - | All | All | All |
| Operating System | Abbott | Accent St Firmware | All | All | All | All |
| Operating System | Abbott | Accent St Firmware | All | All | All | All |
| Hardware | Abbott | Anthem | - | All | All | All |
| Hardware | Abbott | Anthem | - | All | All | All |
| Operating System | Abbott | Anthem Firmware | All | All | All | All |
| Operating System | Abbott | Anthem Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Abbott Laboratories’ Accent/Anthem, Accent MRI, Assurity/Allure, and Assurity MRI Pacemaker Vulnerabilities | ICS-CERT | MISC | ics-cert.us-cert.gov | Third Party Advisory, US Government Resource |
| Multiple Abbott Pacemakers Multiple Security Vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.