CVE-2018-10634 - Vulnerability Details

CVE-2018-10634 - Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Cleartext Transmission of Sensitive Information

Communications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00128.

Key SSVC decision points have not yet been added.

Vendors	Products
Medtronic	Minimed 530g Mmt-551 Minimed 530g Mmt-551 Firmware Minimed 530g Mmt-751 Minimed 530g Mmt-751 Firmware Minimed Paradigm 508 Insulin Pump Minimed Paradigm 508 Insulin Pump Firmware Minimed Paradigm Real-time Mmt-522 Minimed Paradigm Real-time Mmt-522 Firmware Minimed Paradigm Real-time Mmt-722 Minimed Paradigm Real-time Mmt-722 Firmware Minimed Paradigm Revel Mmt-523 Minimed Paradigm Revel Mmt-523 Firmware Minimed Paradigm Revel Mmt-523k Minimed Paradigm Revel Mmt-523k Firmware Minimed Paradigm Revel Mmt-723 Minimed Paradigm Revel Mmt-723 Firmware Minimed Paradigm Revel Mmt-723k Minimed Paradigm Revel Mmt-723k Firmware

Configuration 1 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_revel_mmt-523k_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_revel_mmt-523k:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_revel_mmt-723k_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_revel_mmt-723k:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_revel_mmt-723_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_revel_mmt-723:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:medtronic:minimed_530g_mmt-551_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_530g_mmt-551:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_real-time_mmt-522_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_real-time_mmt-522:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_real-time_mmt-722_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_real-time_mmt-722:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:medtronic:minimed_530g_mmt-751_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_530g_mmt-751:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_revel_mmt-523_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_revel_mmt-523:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_508_insulin_pump_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_508_insulin_pump:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2018-2706	Communications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.

Fixes

Solution

No solution given by the vendor.

Workaround

The remote option is turned off in the pump by default. Medtronic is directing all users to stop using their remote controllers, disable the remote option on their insulin pump, and to return the remote controllers to Medtronic. Medtronic has released additional patient focused information https://www.medtronic.com/security . Additionally, Medtronic will be sending a letter to patients who may still be actively using the remotes in order to inform patients about these security risks, and request patients stop using the remote and return them to Medtronic.

References

Link	Providers
http://www.securityfocus.com/bid/105044
https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed.html
https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02

History

Mon, 14 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00102}`	epss `{'score': 0.00098}`

Thu, 22 May 2025 16:45:00 +0000

Type	Values Removed	Values Added
Description	Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G communications between the pump and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.	Communications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.
Title		Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Cleartext Transmission of Sensitive Information
References		https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed.html
Metrics		cvssV3_1 `{'score': 4.8, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N'}`

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2018-08-13T22:00:00Z

Updated: 2025-05-22T16:28:03.155Z

Reserved: 2018-05-01T00:00:00

Link: CVE-2018-10634

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-08-13T21:47:59.040

Modified: 2025-05-22T17:15:21.460

Link: CVE-2018-10634

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object