{ "containers": { "cna": { "providerMetadata": { "orgId": "3c337f33-b2bd-4529-9792-f48cdb2838b4", "shortName": "Medtronic", "dateUpdated": "2026-06-22T20:42:16.327Z" }, "title": "Medtronic MyCareLink Patient Monitor Network Credential Weakness", "datePublic": "2026-05-07T06:00:00.000Z", "problemTypes": [ { "descriptions": [ { "lang": "en", "cweId": "CWE-313", "description": "CWE-313", "type": "CWE" } ] } ], "affected": [ { "vendor": "Medtronic", "product": "24950 MyCareLink Monitor", "versions": [ { "status": "affected", "version": "0", "lessThan": "February 25, 2026", "versionType": "custom" } ], "defaultStatus": "unaffected" }, { "vendor": "Medtronic", "product": "24952 MyCareLink Monitor", "versions": [ { "status": "affected", "version": "0", "lessThan": "February 25, 2026", "versionType": "custom" } ], "defaultStatus": "unaffected" } ], "descriptions": [ { "lang": "en", "value": "Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication.", "supportingMedia": [ { "type": "text/html", "base64": false, "value": "
Medtronic recommends users take additional defensive measures to minimize the risk of exploitation. Specifically, users should:
\nMedtronic has released additional patient focused information, at the following location:
\nhttps://www.medtronic.com/security
" } ] }, { "lang": "en", "value": "Users should follow CISA's guidance in the following areas:\n\n* Securing the Internet of Things https://www.cisa.gov/news-events/news/securing-internet-things-iot \n\n* Home Network Security https://www.cisa.gov/news-events/news/home-network-security", "supportingMedia": [ { "type": "text/html", "base64": false, "value": "Users should follow CISA's guidance in the following areas: