CVE-2018-14781

MEDIUM Year: 2018
CVSS v3 Score
5.3
Medium
CVSS v2 Score
2.9
Low
Weakness Type
CWE-294
View all →

Vulnerability Description

Medtronic MiniMed MMT devices when paired with a remote controller and having the “easy bolus” and “remote bolus” options enabled (non-default), are vulnerable to a capture-replay attack. An attacker can capture the wireless transmissions between the remote controller and the pump and replay them to cause an insulin (bolus) delivery.

Related Vulnerabilities

CVE-2018-16242

MEDIUM
CVSS:5.3(Medium)

oBike relies on Hangzhou Luoping Smart Locker to lock bicycles, which allows attackers to bypass the locking mechanism by using Bluetooth Low Energy (BLE) to replay ciphertext based on a predictable n...

CWE-2942018

CVE-2020-5300

MEDIUM
CVSS:5.3(Medium)

In Hydra (an OAuth2 Server and OpenID Certified™ OpenID Connect Provider written in Go), before version 1.4.0+oryOS.17, when using client authentication method 'private_key_jwt' [1], OpenId specificat...

CWE-2942020

CVE-2021-46145

MEDIUM
CVSS:5.3(Medium)

The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is related to a non-expiring rolling code and counter resynchronization.

CWE-2942021

CVE-2022-27254

MEDIUM
CVSS:5.3(Medium)

The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door-open request, which allows for a replay attack, a related issue to CVE-2019-20626.

CWE-2942022

CVE-2023-1537

MEDIUM
CVSS:5.3(Medium)

Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6.

CWE-2942023

CVE-2023-50128

MEDIUM
CVSS:5.3(Medium)

The remote keyless system of the Hozard alarm system (alarmsystemen) v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks ...

CWE-2942023