Medtronic MyCareLink Patient Monitor - Info Disclosure
Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication.
Medtronic MyCareLink Patient Monitor’s update service does not sufficiently verify the authenticity of the data uploaded. An
attacker who obtains per-product credentials from the monitor and paired
implantable cardiac device information can potentially upload invalid
data to the Medtronic CareLink network.