Medtronic MyCareLink Patient Monitor Privilege Escalation and Denial-of-Service Vulnerability

Vulnerability

A vulnerability in the Medtronic MyCareLink Patient Monitor models 24950 and 24952, prior to June 25, 2025, allows local attackers to interact with an internal service that deserializes data. By crafting a binary payload, an attacker could crash the service or elevate privileges.

Impact

Exploitation of this vulnerability could lead to a denial-of-service condition or unauthorized privilege escalation on the affected device.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

5.6

exploitability

3.3

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

5.6

exploitability

3.3

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Medtronic MyCareLink Patient Monitor Privilege Escalation and Denial-of-Service Vulnerability

Vulnerability

Impact

Affected Products

Medtronic MyCareLink Patient Monitor

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating