CVE-2022-32537 - Vulnerability Details

A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced technical knowledge is required for exploitation. Please refer to the Medtronic Product Security Bulletin for guidance

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00108.

Exploitation none

Automatable no

Technical Impact partial

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Medtronic

Minimed 600 Series Insulin Pump

unaffected

Version	Status	Constraints
`620G, 630G, 640G, 670G`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:medtronic:guardian_link_2_transmitter_mmt-7730_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_2_transmitter_mmt-7730:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:medtronic:guardian_link_2_transmitter_mmt-7731_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_2_transmitter_mmt-7731:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:medtronic:guardian_link_2_transmitter_mmt-7738_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_2_transmitter_mmt-7738:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:medtronic:guardian_link_2_transmitter_mmt-7775_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_2_transmitter_mmt-7775:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:medtronic:guardian_link_3_transmitter_mmt-7810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_3_transmitter_mmt-7810:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:medtronic:guardian_link_3_transmitter_mmt-7811_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_3_transmitter_mmt-7811:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:medtronic:minimed_620g_mmt-1750_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_620g_mmt-1750:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:medtronic:minimed_630g_mmt-1715_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_630g_mmt-1715:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:medtronic:minimed_630g_mmt-1754_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_630g_mmt-1754:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:medtronic:minimed_630g_mmt-1755_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_630g_mmt-1755:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:medtronic:minimed_640g_mmt-1711_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_640g_mmt-1711:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:medtronic:minimed_640g_mmt-1712_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_640g_mmt-1712:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:medtronic:minimed_640g_mmt-1751_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_640g_mmt-1751:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:medtronic:minimed_640g_mmt-1752_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_640g_mmt-1752:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1740_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1740:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1741_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1741:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1742_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1742:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1760_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1760:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1761_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1761:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1762_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1762:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1780_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1780:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1781_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1781:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1782_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1782:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:medtronic:mmt-1151_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-1151:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:medtronic:mmt-1152_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-1152:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:medtronic:mmt-1351_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-1351:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:medtronic:mmt-1352_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-1352:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:medtronic:mmt-7306_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-7306:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Medtronic Subscribe	Guardian Link 2 Transmitter Mmt-7730 Subscribe Guardian Link 2 Transmitter Mmt-7730 Firmware Subscribe Guardian Link 2 Transmitter Mmt-7731 Subscribe Guardian Link 2 Transmitter Mmt-7731 Firmware Subscribe Guardian Link 2 Transmitter Mmt-7738 Subscribe Guardian Link 2 Transmitter Mmt-7738 Firmware Subscribe Guardian Link 2 Transmitter Mmt-7775 Subscribe Guardian Link 2 Transmitter Mmt-7775 Firmware Subscribe Guardian Link 3 Transmitter Mmt-7810 Subscribe Guardian Link 3 Transmitter Mmt-7810 Firmware Subscribe Guardian Link 3 Transmitter Mmt-7811 Subscribe Guardian Link 3 Transmitter Mmt-7811 Firmware Subscribe Minimed 620g Mmt-1750 Subscribe Minimed 620g Mmt-1750 Firmware Subscribe Minimed 630g Mmt-1715 Subscribe Minimed 630g Mmt-1715 Firmware Subscribe Minimed 630g Mmt-1754 Subscribe Minimed 630g Mmt-1754 Firmware Subscribe Minimed 630g Mmt-1755 Subscribe Minimed 630g Mmt-1755 Firmware Subscribe Minimed 640g Mmt-1711 Subscribe Minimed 640g Mmt-1711 Firmware Subscribe Minimed 640g Mmt-1712 Subscribe Minimed 640g Mmt-1712 Firmware Subscribe Minimed 640g Mmt-1751 Subscribe Minimed 640g Mmt-1751 Firmware Subscribe Minimed 640g Mmt-1752 Subscribe Minimed 640g Mmt-1752 Firmware Subscribe Minimed 670g Mmt-1740 Subscribe Minimed 670g Mmt-1740 Firmware Subscribe Minimed 670g Mmt-1741 Subscribe Minimed 670g Mmt-1741 Firmware Subscribe Minimed 670g Mmt-1742 Subscribe Minimed 670g Mmt-1742 Firmware Subscribe Minimed 670g Mmt-1760 Subscribe Minimed 670g Mmt-1760 Firmware Subscribe Minimed 670g Mmt-1761 Subscribe Minimed 670g Mmt-1761 Firmware Subscribe Minimed 670g Mmt-1762 Subscribe Minimed 670g Mmt-1762 Firmware Subscribe Minimed 670g Mmt-1780 Subscribe Minimed 670g Mmt-1780 Firmware Subscribe Minimed 670g Mmt-1781 Subscribe Minimed 670g Mmt-1781 Firmware Subscribe Minimed 670g Mmt-1782 Subscribe Minimed 670g Mmt-1782 Firmware Subscribe Mmt-1151 Subscribe Mmt-1151 Firmware Subscribe Mmt-1152 Subscribe Mmt-1152 Firmware Subscribe Mmt-1351 Subscribe Mmt-1351 Firmware Subscribe Mmt-1352 Subscribe Mmt-1352 Firmware Subscribe Mmt-7306 Subscribe Mmt-7306 Firmware Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2022-35605	A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced technical knowledge is required for exploitation. Please refer to the Medtronic Product Security Bulletin for guidance

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed-600-series-communication-issue.html
https://www.cisa.gov/uscert/ics/advisories/icsma-22-263-01

History

Tue, 29 Apr 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Medtronic

Published: 2022-11-17T20:47:05.258Z

Updated: 2025-04-29T14:44:21.348Z

Reserved: 2022-06-07T21:26:39.432Z

Link: CVE-2022-32537

Vulnrichment

Updated: 2024-08-03T07:46:43.499Z

NVD

Status : Modified

Published: 2022-12-12T13:15:12.263

Modified: 2024-11-21T07:06:35.333

Link: CVE-2022-32537

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object