CVE-2017-12714
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
25/04/2018
Last modified:
09/10/2019
Description
Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do not restrict or limit the number of correctly formatted "RF wake-up" commands that can be received, which may allow a nearby attacker to repeatedly send commands to reduce pacemaker battery life. CVSS v3 base score: 5.3, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H. Abbott has developed a firmware update to help mitigate the identified vulnerabilities.
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
Base Score 2.0
6.10
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:abbott:accent_firmware:*:*:*:*:*:*:*:* | f0b.0e.7e (excluding) | |
| cpe:2.3:h:abbott:accent:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:abbott:anthem_firmware:*:*:*:*:*:*:*:* | f0b.0e.7e (excluding) | |
| cpe:2.3:h:abbott:anthem:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:abbott:accent_mri_firmware:*:*:*:*:*:*:*:* | f10.08.6c (excluding) | |
| cpe:2.3:h:abbott:accent_mri:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:abbott:accent_st_firmware:*:*:*:*:*:*:*:* | f10.08.6c (excluding) | |
| cpe:2.3:h:abbott:accent_st:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:abbott:assurity_firmware:*:*:*:*:*:*:*:* | f14.07.80 (excluding) | |
| cpe:2.3:h:abbott:assurity:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:abbott:allure_firmware:*:*:*:*:*:*:*:* | f14.07.80 (excluding) | |
| cpe:2.3:h:abbott:allure:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:abbott:assurity_mri_firmware:*:*:*:*:*:*:*:* | f17.01.49 (excluding) | |
| cpe:2.3:h:abbott:assurity_mri:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page