Security Advisory

CVE-2020-27252

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-14 19:19:00

Last updated 2025-05-22 19:39:10

Assigner icscert

State PUBLISHED

Description

Medtronic MyCareLink Smart 25000 is vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited, an attacker could remotely execute code on the MCL Smart Patient Reader device, leading to control of the device.

← Browse all CVEs View on cve.org ↗