Rewterz Threat Advisory – ICS: Medtronic Conexus Radio Frequency Telemetry Protocol

Friday, February 7, 2020

Severity

High

Analysis Summary

CVE-2019-6538

The Conexus telemetry protocol utilized within this ecosystem does not implement authentication or authorization. An attacker with adjacent short-range access to an affected product, in situations where the product’s radio is turned on, can inject, replay, modify, and/or intercept data within the telemetry communication. This communication protocol provides the ability to read and write memory values to affected implanted cardiac devices; therefore, an attacker could exploit this communication protocol to change memory in the implanted cardiac device.

CVE-2019-6540

The Conexus telemetry protocol utilized within this ecosystem does not implement encryption. An attacker with adjacent short-range access to a target product can listen to communications, including the transmission of sensitive data.

Impact

  • Improper Access Control 
  • Cleartext Transmission of Sensitive Information

Affected Vendors

Medtronic

Affected Products

MyCareLink Monitor

CareLink Monitor
CareLink 2090 Programmer
specific Medtronic implanted cardiac devices

Remediation

For the list of more affected products, please refer to ICS advisory:

https://www.us-cert.gov/ics/advisories/ICSMA-19-080-01

Data Sheets

Corporate Brochure


Our Story


Services


Solutions


Managed Security


Upcoming Rewterz Trainings/Events

Rewterz News

  • 23, February 2020 Rewterz Threat Advisory – CVE-2019-16028 – Cisco Firepower Management Center
  • 17, February 2020 Rewterz Threat Alert – Satan ransomware rebrands as 5ss5c ransomware
  • 14, February 2020 Rewterz Threat Alert – Emotet Malware Hacks Nearby Wi-Fi Networks to Infect New Victims
  • 13, February 2020 Rewterz Threat Advisory – CVE-2020-3119 – Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution

Copyright © Rewterz. All rights reserved.