CVE-2022-32537 - Vulnerability Details

A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced technical knowledge is required for exploitation. Please refer to the Medtronic Product Security Bulletin for guidance

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00071.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Medtronic	Guardian Link 2 Transmitter Mmt-7730 Guardian Link 2 Transmitter Mmt-7730 Firmware Guardian Link 2 Transmitter Mmt-7731 Guardian Link 2 Transmitter Mmt-7731 Firmware Guardian Link 2 Transmitter Mmt-7738 Guardian Link 2 Transmitter Mmt-7738 Firmware Guardian Link 2 Transmitter Mmt-7775 Guardian Link 2 Transmitter Mmt-7775 Firmware Guardian Link 3 Transmitter Mmt-7810 Guardian Link 3 Transmitter Mmt-7810 Firmware Guardian Link 3 Transmitter Mmt-7811 Guardian Link 3 Transmitter Mmt-7811 Firmware Minimed 620g Mmt-1750 Minimed 620g Mmt-1750 Firmware Minimed 630g Mmt-1715 Minimed 630g Mmt-1715 Firmware Minimed 630g Mmt-1754 Minimed 630g Mmt-1754 Firmware Minimed 630g Mmt-1755 Minimed 630g Mmt-1755 Firmware Minimed 640g Mmt-1711 Minimed 640g Mmt-1711 Firmware Minimed 640g Mmt-1712 Minimed 640g Mmt-1712 Firmware Minimed 640g Mmt-1751 Minimed 640g Mmt-1751 Firmware Minimed 640g Mmt-1752 Minimed 640g Mmt-1752 Firmware Minimed 670g Mmt-1740 Minimed 670g Mmt-1740 Firmware Minimed 670g Mmt-1741 Minimed 670g Mmt-1741 Firmware Minimed 670g Mmt-1742 Minimed 670g Mmt-1742 Firmware Minimed 670g Mmt-1760 Minimed 670g Mmt-1760 Firmware Minimed 670g Mmt-1761 Minimed 670g Mmt-1761 Firmware Minimed 670g Mmt-1762 Minimed 670g Mmt-1762 Firmware Minimed 670g Mmt-1780 Minimed 670g Mmt-1780 Firmware Minimed 670g Mmt-1781 Minimed 670g Mmt-1781 Firmware Minimed 670g Mmt-1782 Minimed 670g Mmt-1782 Firmware Mmt-1151 Mmt-1151 Firmware Mmt-1152 Mmt-1152 Firmware Mmt-1351 Mmt-1351 Firmware Mmt-1352 Mmt-1352 Firmware Mmt-7306 Mmt-7306 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:medtronic:guardian_link_2_transmitter_mmt-7730_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_2_transmitter_mmt-7730:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:medtronic:guardian_link_2_transmitter_mmt-7731_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_2_transmitter_mmt-7731:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:medtronic:guardian_link_2_transmitter_mmt-7738_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_2_transmitter_mmt-7738:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:medtronic:guardian_link_2_transmitter_mmt-7775_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_2_transmitter_mmt-7775:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:medtronic:guardian_link_3_transmitter_mmt-7810_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_3_transmitter_mmt-7810:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:medtronic:guardian_link_3_transmitter_mmt-7811_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:guardian_link_3_transmitter_mmt-7811:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:medtronic:minimed_620g_mmt-1750_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_620g_mmt-1750:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:medtronic:minimed_630g_mmt-1715_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_630g_mmt-1715:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:medtronic:minimed_630g_mmt-1754_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_630g_mmt-1754:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:medtronic:minimed_630g_mmt-1755_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_630g_mmt-1755:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:medtronic:minimed_640g_mmt-1711_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_640g_mmt-1711:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:medtronic:minimed_640g_mmt-1712_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_640g_mmt-1712:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:medtronic:minimed_640g_mmt-1751_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_640g_mmt-1751:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:medtronic:minimed_640g_mmt-1752_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_640g_mmt-1752:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1740_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1740:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1741_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1741:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1742_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1742:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1760_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1760:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1761_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1761:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1762_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1762:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1780_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1780:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1781_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1781:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:medtronic:minimed_670g_mmt-1782_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:minimed_670g_mmt-1782:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:medtronic:mmt-1151_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-1151:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:medtronic:mmt-1152_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-1152:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:medtronic:mmt-1351_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-1351:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:medtronic:mmt-1352_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-1352:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:medtronic:mmt-7306_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:mmt-7306:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2022-35605	A vulnerability exists which could allow an unauthorized user to learn aspects of the communication protocol used to pair system components while the pump is being paired with other system components. Exploitation requires nearby wireless signal proximity with the patient and the device; advanced technical knowledge is required for exploitation. Please refer to the Medtronic Product Security Bulletin for guidance

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://global.medtronic.com/xg-en/product-security/security-bulletins/minimed-600-series-communication-issue.html
https://www.cisa.gov/uscert/ics/advisories/icsma-22-263-01

History

Tue, 29 Apr 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Medtronic

Published: 2022-11-17T20:47:05.258Z

Updated: 2025-04-29T14:44:21.348Z

Reserved: 2022-06-07T21:26:39.432Z

Link: CVE-2022-32537

Vulnrichment

Updated: 2024-08-03T07:46:43.499Z

NVD

Status : Modified

Published: 2022-12-12T13:15:12.263

Modified: 2024-11-21T07:06:35.333

Link: CVE-2022-32537

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object