Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Medtronic — Vulnerabilities & Security Advisories 34

Browse all 34 CVE security advisories affecting Medtronic. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Medtronic operates as a global leader in medical technology, designing and manufacturing devices that treat chronic diseases and alleviate pain. With 32 recorded Common Vulnerabilities and Exposures (CVEs), the company’s software infrastructure has historically exhibited vulnerabilities typical of embedded medical systems. These include remote code execution (RCE) flaws, cross-site scripting (XSS), and privilege escalation issues, often stemming from legacy web interfaces or poorly secured communication protocols. While Medtronic has not been the target of a single catastrophic public breach comparable to major consumer data leaks, its connected devices have faced scrutiny for potential patient safety risks. Security assessments frequently highlight the challenge of patching legacy hardware in clinical environments. The company continues to integrate security-by-design principles into newer products, aiming to mitigate risks associated with its expanding Internet of Medical Things (IoMT) ecosystem while maintaining regulatory compliance and patient safety standards.

Top products by Medtronic: MyCareLink Patient Monitor 24950 24950 MyCareLink Monitor CareLink Network 2090 CareLink Programmer Smart Model 25000 Patient Reader MMT- 508 - MiniMed pump Valleylab FT10 Energy Platform (VLFT10GEN) Valleylab Exchange Client Conexus Radio Frequency Telemetry Protocol 8840 N’Vision Clinician Programmer CareLink 9790 Programmer N'Vision Clinician Programmer MiniMed 508 pump Minimed 600 Series Insulin Pump InsterStim Applications Paceart Optima
CVE IDTitleCVSSSeverityPublished
CVE-2025-4397 Medtronic MyCareLink Patient Monitor Data Encryption Weakness — MyCareLink Patient Monitor 24950CWE-313 6.8 Medium2026-05-07
CVE-2025-4386 Medtronic MyCareLink Patient Monitor Hardware Debug Port — MyCareLink Patient Monitor 24950CWE-1263 6.8 Medium2026-05-07
CVE-2025-12997 Medtronic CareLink Network 安全漏洞 — CareLink NetworkCWE-639 2.2 Low2025-12-04
CVE-2025-12996 Medtronic CareLink Network 安全漏洞 — CareLink NetworkCWE-532 4.1 Medium2025-12-04
CVE-2025-12995 Medtronic CareLink Network 安全漏洞 — CareLink NetworkCWE-307 8.1 High2025-12-04
CVE-2025-12994 Medtronic CareLink Network 安全漏洞 — CareLink NetworkCWE-204 5.3 Medium2025-12-04
CVE-2025-4395 Medtronic MyCareLink Patient Monitor Empty Password Vulnerability — MyCareLink Patient Monitor 24950CWE-258 6.8 Medium2025-07-24
CVE-2025-4394 Medtronic MyCareLink Patient Monitor Unencrypted Filesystem Vulnerability — MyCareLink Patient Monitor 24950CWE-312 6.8 Medium2025-07-24
CVE-2025-4393 Medtronic MyCareLink Patient Monitor Deserialization Vulnerability — MyCareLink Patient Monitor 24950CWE-502 6.5 Medium2025-07-24
CVE-2023-31222 Medtronic Paceart MSMQ Deserialization of Untrusted Data — Paceart Optima CWE-502 9.8 Critical2023-06-29
CVE-2023-25931 Medtronic Micro Clinician & InterStim X Clinician App Password Reset Issue — InsterStim ApplicationsCWE-620 6.4 Medium2023-03-01
CVE-2022-32537 Medtronic MiniMed 600 Series Pump System Communication Issue — Minimed 600 Series Insulin PumpCWE-693 4.8 Medium2022-11-17
CVE-2020-27252 Medtronic MyCareLink Smart Time-of-check Time-of-use Race Condition — Smart Model 25000 Patient ReaderCWE-367 8.8 High2020-12-14
CVE-2020-25187 Medtronic MyCareLink Smart Heap-based Buffer Overflow — Smart Model 25000 Patient ReaderCWE-122 8.8 High2020-12-14
CVE-2020-25183 Medtronic MyCareLink Smart Improper Authentication — Smart Model 25000 Patient ReaderCWE-287 8.0 High2020-12-14
CVE-2019-13531 Medtronic Valleylab FT10 and LS10 Improper Authentication — Valleylab FT10 Energy Platform (VLFT10GEN)CWE-287 4.8 Medium2019-11-08
CVE-2019-13535 Medtronic Valleylab FT10 and LS10 Protection Mechanism Failure — Valleylab FT10 Energy Platform (VLFT10GEN)CWE-693 4.6 Medium2019-11-08
CVE-2019-13539 Medtronic Valleylab FT10 and FX8 Reversible One-way Hash — Valleylab Exchange ClientCWE-328 7.0 High2019-11-08
CVE-2019-13543 Medtronic Valleylab FT10 and FX8 Use of Hard-coded Credentials — Valleylab Exchange ClientCWE-798 5.8 Medium2019-11-08
CVE-2019-10964 Medtronic MiniMed 508 and Paradigm Series Insulin Pumps Improper Access Control — MiniMed 508 pumpCWE-284 7.1 High2019-06-28
CVE-2019-6540 Medtronic Conexus Radio Frequency Telemetry Protocol Cleartext Transmission of Sensitive Information — Conexus Radio Frequency Telemetry ProtocolCWE-319 6.5 Medium2019-03-26
CVE-2019-6538 Medtronic Conexus Radio Frequency Telemetry Protocol Improper Access Control — Conexus Radio Frequency Telemetry ProtocolCWE-284 9.3 Critical2019-03-25
CVE-2018-18984 Medtronic 9790, 2090 CareLink, and 29901 Encore Programmers Missing Encryption of Sensitive Data — CareLink 9790 ProgrammerCWE-311 4.6 Medium2018-12-14
CVE-2018-14781 Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Authentication Bypass by Capture-replay — MMT- 508 - MiniMed pumpCWE-294 5.3 Medium2018-08-13
CVE-2018-10634 Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Cleartext Transmission of Sensitive Information — MMT- 508 - MiniMed pumpCWE-319 4.8 Medium2018-08-13
CVE-2018-10626 Medtronic MyCareLink 24950 Patient Monitor Insufficient Verification of Data Authenticity — 24950 MyCareLink MonitorCWE-345 4.4 Medium2018-08-10
CVE-2018-10622 Medtronic MyCareLink 24950 Patient Monitor Storing Passwords in a Recoverable Format — 24950 MyCareLink MonitorCWE-257 4.9 Medium2018-08-10
CVE-2018-10631 Medtronic N'Vision Clinician Programmer Protection Mechanism Failure — 8840 N’Vision Clinician ProgrammerCWE-693 6.3 Medium2018-07-13
CVE-2018-10596 Medtronic 2090 Carelink Programmer Improper Restriction of Communication Channel to Intended Endpoints — 2090 CareLink ProgrammerCWE-923 7.1 High2018-07-02
CVE-2018-8870 Medtronic MyCareLink Patient Monitor Use of Hard-coded Password — 24950 MyCareLink MonitorCWE-259 6.4 Medium2018-07-02

This page lists every published CVE security advisory associated with Medtronic. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.