Multiple vulnerabilities in Medtronic MyCareLink Patient Monitor
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2025-4394 CVE-2025-4395 CVE-2025-4393 |
| CWE-ID | CWE-312 CWE-258 CWE-502 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
MyCareLink Patient Monitor model 24950 Hardware solutions / Medical equipment MyCareLink Patient Monitor model 24952 Hardware solutions / Medical equipment |
| Vendor | Medtronic |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Cleartext storage of sensitive information
EUVDB-ID: #VU113207
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-4394
CWE-ID:
CWE-312 - Cleartext Storage of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to cleartext storage of sensitive information. An attacker with physical access can read and modify files on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMyCareLink Patient Monitor model 24950: All versions
MyCareLink Patient Monitor model 24952: All versions
CPE2.3- cpe:2.3:h:medtronic:mycarelink_patient_monitor_model_24950:*:*:*:*:*:*:*:*
- cpe:2.3:h:medtronic:mycarelink_patient_monitor_model_24952:*:*:*:*:*:*:*:*
https://global.medtronic.com/xg-en/product-security/security-bulletins.html
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Empty Password in Configuration File
EUVDB-ID: #VU113208
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-4395
CWE-ID:
CWE-258 - Empty password in configuration file
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the affected product has a built-in user account with an empty password. An attacker with physical access can log in with no password and access or modify system functionality.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMyCareLink Patient Monitor model 24950: All versions
MyCareLink Patient Monitor model 24952: All versions
CPE2.3- cpe:2.3:h:medtronic:mycarelink_patient_monitor_model_24950:*:*:*:*:*:*:*:*
- cpe:2.3:h:medtronic:mycarelink_patient_monitor_model_24952:*:*:*:*:*:*:*:*
https://global.medtronic.com/xg-en/product-security/security-bulletins.html
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Deserialization of Untrusted Data
EUVDB-ID: #VU113209
Risk: Low
CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-4393
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data. A local user can pass specially crafted data to the application and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsMyCareLink Patient Monitor model 24950: All versions
MyCareLink Patient Monitor model 24952: All versions
CPE2.3- cpe:2.3:h:medtronic:mycarelink_patient_monitor_model_24950:*:*:*:*:*:*:*:*
- cpe:2.3:h:medtronic:mycarelink_patient_monitor_model_24952:*:*:*:*:*:*:*:*
https://global.medtronic.com/xg-en/product-security/security-bulletins.html
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-205-01
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
