{"vulnerability": "CVE-2020-2726", "sightings": [{"uuid": "c2aeeca0-41a7-4c12-bc40-d5320e69af83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27264", "type": "seen", "source": "https://t.me/cibsecurity/22306", "content": "\u203c CVE-2020-27264 \u203c\n\nIn SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications use deterministic keys, which allows unauthenticated, physically proximate attackers to brute-force the keys via Bluetooth Low Energy.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-20T00:26:20.000000Z"}, {"uuid": "788eccf9-47bc-4f96-a2ad-1f90a107b0fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27261", "type": "seen", "source": "https://t.me/cibsecurity/23300", "content": "\u203c CVE-2020-27261 \u203c\n\nThe Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-09T18:40:32.000000Z"}, {"uuid": "e5699eee-4eca-43a1-8265-fed82aaea8f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27268", "type": "seen", "source": "https://t.me/cibsecurity/22312", "content": "\u203c CVE-2020-27268 \u203c\n\nIn SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass checks for default PINs via Bluetooth Low Energy.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-20T00:26:26.000000Z"}, {"uuid": "ff53016f-36a9-497d-abea-8c2992353a7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27260", "type": "seen", "source": "https://t.me/cibsecurity/21829", "content": "\u203c CVE-2020-27260 \u203c\n\nInnokas Yhtym\u00c3\u00a4 Oy Vital Signs Monitor VC150 prior to Version 1.7.15 HL7 v2.x injection vulnerabilities exist in the affected products that allow physically proximate attackers with a connected barcode reader to inject HL7 v2.x segments into specific HL7 v2.x messages via multiple expected parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-08T18:42:00.000000Z"}, {"uuid": "8e860cf1-8411-4ca2-b917-1af0f6312266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27266", "type": "seen", "source": "https://t.me/cibsecurity/22311", "content": "\u203c CVE-2020-27266 \u203c\n\nIn SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass user authentication checks via Bluetooth Low Energy.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-20T00:26:25.000000Z"}, {"uuid": "6649abc3-94a4-4f7e-bb7e-b8a2544f0e1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-27269", "type": "seen", "source": "https://t.me/cibsecurity/22308", "content": "\u203c CVE-2020-27269 \u203c\n\nIn SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications lacks replay protection measures, which allows unauthenticated, physically proximate attackers to replay communication sequences via Bluetooth Low Energy.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-20T00:26:22.000000Z"}]}