CVE-2018-10634 - Vulnerability Details

CVE-2018-10634 - Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Cleartext Transmission of Sensitive Information

Communications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00128.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Medtronic

MMT- 508 - MiniMed pump

unaffected

Version	Status	Constraints
`All versions`	affected	—

Medtronic

MMT – 511 pump Paradigm

unaffected

Version	Status	Constraints
`All versions`	affected	—

Medtronic

MMT – 512 / MMT – 712 Paradigm x12

unaffected

Version	Status	Constraints
`All versions`	affected	—

Medtronic

MMT – 515 / MMT – 715 Paradigm x15

unaffected

Version	Status	Constraints
`All versions`	affected	—

Medtronic

MMT – 522 / MMT – 722 Paradigm REAL-TIME

unaffected

Version	Status	Constraints
`All versions`	affected	—

Medtronic

MMT – 522(K) / MMT – 722(K) Paradigm REAL-TIME

unaffected

Version	Status	Constraints
`All versions`	affected	—

Medtronic

MMT – 523 / MMT – 723 Paradigm Revel

unaffected

Version	Status	Constraints
`All versions`	affected	—

Medtronic

MMT – 523(K) / MMT – 723(K) Paradigm

unaffected

Version	Status	Constraints
`All versions`	affected	—

Medtronic

MMT – 554 / MMT – 754 MiniMed Veo

unaffected

Version	Status	Constraints
`All versions`	affected	—

Medtronic

MMT – 551 / MMT – 751 MiniMed 530G

unaffected

Version	Status	Constraints
`All versions`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_revel_mmt-523k_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_revel_mmt-523k:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_revel_mmt-723k_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_revel_mmt-723k:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_revel_mmt-723_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_revel_mmt-723:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:medtronic:minimed_530g_mmt-551_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_530g_mmt-551:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_real-time_mmt-522_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_real-time_mmt-522:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_real-time_mmt-722_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_real-time_mmt-722:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:medtronic:minimed_530g_mmt-751_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_530g_mmt-751:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_revel_mmt-523_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_revel_mmt-523:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:medtronic:minimed_paradigm_508_insulin_pump_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_paradigm_508_insulin_pump:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Medtronic Subscribe	Minimed 530g Mmt-551 Subscribe Minimed 530g Mmt-551 Firmware Subscribe Minimed 530g Mmt-751 Subscribe Minimed 530g Mmt-751 Firmware Subscribe Minimed Paradigm 508 Insulin Pump Subscribe Minimed Paradigm 508 Insulin Pump Firmware Subscribe Minimed Paradigm Real-time Mmt-522 Subscribe Minimed Paradigm Real-time Mmt-522 Firmware Subscribe Minimed Paradigm Real-time Mmt-722 Subscribe Minimed Paradigm Real-time Mmt-722 Firmware Subscribe Minimed Paradigm Revel Mmt-523 Subscribe Minimed Paradigm Revel Mmt-523 Firmware Subscribe Minimed Paradigm Revel Mmt-523k Subscribe Minimed Paradigm Revel Mmt-523k Firmware Subscribe Minimed Paradigm Revel Mmt-723 Subscribe Minimed Paradigm Revel Mmt-723 Firmware Subscribe Minimed Paradigm Revel Mmt-723k Subscribe Minimed Paradigm Revel Mmt-723k Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2018-2706	Communications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.

Fixes

Solution

No solution given by the vendor.

Workaround

The remote option is turned off in the pump by default. Medtronic is directing all users to stop using their remote controllers, disable the remote option on their insulin pump, and to return the remote controllers to Medtronic. Medtronic has released additional patient focused information https://www.medtronic.com/security . Additionally, Medtronic will be sending a letter to patients who may still be actively using the remotes in order to inform patients about these security risks, and request patients stop using the remote and return them to Medtronic.

References

Link	Providers
http://www.securityfocus.com/bid/105044
https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed.html
https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-02

History

Mon, 14 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00102}`	epss `{'score': 0.00098}`

Thu, 22 May 2025 16:45:00 +0000

Type	Values Removed	Values Added
Description	Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G communications between the pump and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.	Communications between Medtronic MiniMed MMT pumps and wireless accessories are transmitted in cleartext. A sufficiently skilled attacker could capture these transmissions and extract sensitive information, such as device serial numbers.
Title		Medtronic MiniMed MMT-500/MMT-503 Remote Controllers Cleartext Transmission of Sensitive Information
References		https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed.html
Metrics		cvssV3_1 `{'score': 4.8, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2018-08-13T22:00:00Z

Updated: 2025-05-22T16:28:03.155Z

Reserved: 2018-05-01T00:00:00

Link: CVE-2018-10634

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-08-13T21:47:59.040

Modified: 2025-05-22T17:15:21.460

Link: CVE-2018-10634

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-319

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object