CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-18977

HIGH
7.5
CVSS Severity Score
EPSS Score0.1720%
EPSS Percentile17.45th
Published2019年5月6日
Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. An attacker may reverse engineer the codebase to extract sensitive data that contributes to the disclosure of medical information of patients utilizing the Ascensia platform. This occurs because of weak obfuscation.

Affected Platforms (CPE)

📦
Ascensia

Contour Diabetes

< 2.5.0

References & Advisories

🔗 https://depthsecurity.com/blog/medical-exploitation-you-are-now-diabetic
🔗 https://depthsecurity.com/blog/medical-exploitation-you-are-now-diabetic

関連する脆弱性情報

CVE-2018-1071810.0

Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to...

CVE-2018-666710.0

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remo...

CVE-2018-409110.0

An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Sandbox" component. I...

CVE-2018-100064410.0

Eclipse RDF4j version < 2.4.0 Milestone 2 contains a XML External Entity (XXE) vulnerability in RDF4j XML parser parsing RDF files...