CVE-2020-27269

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications lacks replay protection measures, which allows unauthenticated, physically proximate attackers to replay communication sequences via Bluetooth Low Energy.
References
Link Resource
https://us-cert.cisa.gov/ics/advisories/icsma-21-012-01 Third Party Advisory US Government Resource
Configurations

Configuration 1


Information

Published : 2021-01-19 10:15

Updated : 2021-01-22 05:25


NVD link : CVE-2020-27269

Mitre link : CVE-2020-27269

Products Affected
No products.
CWE
CWE-294

Authentication Bypass by Capture-replay