Vulnerability Description
Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery organization’s Paceart Optima system cardiac device causing data to be deleted, stolen, or modified, or the Paceart Optima system being used for further network penetration via network connectivity.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Medtronic | Paceart Optima | < 1.12 |
Related Weaknesses (CWE)
References
- https://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-oMitigationVendor Advisory
- https://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-oMitigationVendor Advisory
FAQ
What is CVE-2023-31222?
CVE-2023-31222 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart Optima versions 1.11 and earlier on Windows allows an unauthorized user to impact a healthcare delivery ...
How severe is CVE-2023-31222?
CVE-2023-31222 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-31222?
Check the references section above for vendor advisories and patch information. Affected products include: Medtronic Paceart Optima.