← Back to home
ICSMA-22-263-01  ·  Published 2022-09-20  ·  View on CISA ICS-CERT ↗

Medtronic NGP 600 Series Insulin Pumps

CVSS 4.8 MEDIUM

Risk Summary

Successful exploitation of this vulnerability could allow an unauthorized user to deliver too much or too little insulin through delivery of an unintended insulin bolus or because insulin delivery is slowed or stopped.

CVEs (1)

Remediations

  • Medtronic recommends users to take the following actions:
  • Note: Turning off the remote bolus feature will ensure no remote bolus is possible.
  • Medtronic has identified the following precautions to assist users:

Affected Vendors

Medtronic

Affected Products (4)

Medtronic · MiniMed 620G MMT-1710
Medtronic · MiniMed 630G MMT-1715 | MMT-1754 | MMT-1755
Medtronic · MiniMed 640G MMT-1711 | MMT-1712 | MMT-1751 | MMT-1752
Medtronic · MiniMed 670G MMT-1740 | MMT-1741 | MMT-1742 | MMT-1760 | MMT-1762 | MMT-1762 | MMT-1780 | MMT-1781 | MMT-1782

Affected Sectors

Healthcare and Public Health

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more