1. Home
  2. CVE Database
  3. CVE-2019-18252
MEDIUM · 4.3

CVE-2019-18252

BIOTRONIK CardioMessenger II, The affected products allow credential reuse for multiple authentication purposes. An attacker with adjacent access to the CardioMessenger can disclose its credentials us...

Vulnerability Description

BIOTRONIK CardioMessenger II, The affected products allow credential reuse for multiple authentication purposes. An attacker with adjacent access to the CardioMessenger can disclose its credentials used for connecting to the BIOTRONIK Remote Communication infrastructure.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
BiotronikCardiomessenger Ii-S Gsm Firmware2.20
BiotronikCardiomessenger Ii-S Gsm-
BiotronikCardiomessenger Ii-S T-Line Firmware2.20
BiotronikCardiomessenger Ii-S T-Line-

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2019-18252?

CVE-2019-18252 is a vulnerability with a CVSS score of 4.3 (MEDIUM). BIOTRONIK CardioMessenger II, The affected products allow credential reuse for multiple authentication purposes. An attacker with adjacent access to the CardioMessenger can disclose its credentials us...

How severe is CVE-2019-18252?

CVE-2019-18252 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-18252?

Check the references section above for vendor advisories and patch information. Affected products include: Biotronik Cardiomessenger Ii-S Gsm Firmware, Biotronik Cardiomessenger Ii-S Gsm, Biotronik Cardiomessenger Ii-S T-Line Firmware, Biotronik Cardiomessenger Ii-S T-Line.