CyberSec.Space Logo
返回 CVE 浏览器

CVE-2018-18977

HIGH
7.5
CVSS Severity Score
EPSS Score0.1720%
EPSS Percentile17.45th
Published2019年5月6日
Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. An attacker may reverse engineer the codebase to extract sensitive data that contributes to the disclosure of medical information of patients utilizing the Ascensia platform. This occurs because of weak obfuscation.

Affected Platforms (CPE)

📦
Ascensia

Contour Diabetes

< 2.5.0

References & Advisories

🔗 https://depthsecurity.com/blog/medical-exploitation-you-are-now-diabetic
🔗 https://depthsecurity.com/blog/medical-exploitation-you-are-now-diabetic

相关漏洞威胁

CVE-2018-100012410.0

I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.p...

CVE-2018-422910.0

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Grand Central Dispatc...

CVE-2018-487210.0

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006...

CVE-2018-1246410.0

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows a...