Medtronic CVEs
16 Aug 2025
Three vulnerabilities were discovered in Medtronic's MyCareLink Patient Monitor 24590, 24952 over the course of three days.
The CISA ICS Medical Advisory can be found here: https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01
A security bulletin has been released by Medtronic and can be found here: Medtronic Bulletin
The CISA ICS Medical Advisory can be found here: https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01
A security bulletin has been released by Medtronic and can be found here: Medtronic Bulletin
| CVE ID | Vulnerability Description | CVSS v3.1/v4 Score |
|---|---|---|
| CVE-2025-4393 | Deserialization of Untrusted Data | 6.5/5.9 |
| CVE-2025-4394 | Cleartext Storage of Sensitive Information | 6.8/7.0 |
| CVE-2025-4395 | Empty Password In Configuration File | 6.8/7.0 |
