CVE-2025-12996

Medium CVSS: 4.1

Medtronic CareLink Network allows a local attacker with access to log files on an internal API server to view plaintext passwords from errors logged under certain circumstances. This issue affects CareLink Network: before December 4, 2025.

Vendor

Medtronic

Product

Carelink Network

CWE

CWE-532

Yayın Tarihi

2025-12-04 20:16:17

Güncelleme

2025-12-22 18:09:56

Source Identifier

security@medtronic.com

KEV Date Added

Kategoriler

CWE-532 Carelink Network MEDIUM Medtronic 2025

Referanslar

https://www.medtronic.com/en-us/e/product-security/security-bulletins/carelink-network-vulnerabilities.html

Benzer Kayıtlar

Medium

CVE-2025-12994

Medtronic CareLink Network allows an unauthenticated remote attacker to initiate a request for security questions to an…

High

CVE-2025-12995

Medtronic CareLink Network allows an unauthenticated remote attacker to perform a brute force attack on an API endpoint…

Low

CVE-2025-12997

Insecure Direct Object Reference vulnerability in Medtronic CareLink Network which allows an authenticated attacker with…