This will play a video - Businessman in suit conversing with physician at table

Security Bulletins

For product security updates, notification, and documentation, please see the following:

MARCH 9, 2022
Axeda Software Component Vulnerabilities
Medtronic was made aware of vulnerabilities in the Axeda software component by Health-ISAC and is assessing impact and applicability of these vulnerabilities to Medtronic products. UPDATED: MARCH 29, 2022

DECEMBER 16, 2021
Log4j Software Component Vulnerabilities
Medtronic is aware of vulnerabilities in the Log4j software component, commonly named “Log4Shell” and is assessing and addressing the issue.

OCTOBER 5, 2021
Medtronic Minimed MMT-500/MMT-503 Remote Controllers
Medtronic is expanding the product security notification based on a previously communicated matter related to the Medtronic MiniMed 508 Insulin pump; it specifically relates to the Medtronic MiniMed MMT-500 and MMT-503 remote controllers due to the potential, associated risks.

AUGUST 20, 2021
Blackberry QNX Real Time Operating System Vulnerabilities
Medtronic products are not impacted by the recently publicized vulnerabilities affecting Blackberry’s QNX operating system.

JUNE 3, 2021
Conexus™ Telemetry and Monitoring Accessories
Security vulnerabilities were identified related to the proprietary Medtronic Conexus radio frequency wireless telemetry protocol in some Medtronic products. First published March 21, 2019.

DECEMBER 10, 2020
Medtronic MyCareLink Smart™ Security Vulnerability Patch
Vulnerabilities were identified impacting Medtronic's MyCareLink (MCL) SmartModel 25000 Patient Reader. Medtronic has developed and released system updates that address tese vulnerabilities. Patients should ensure they have updated their application prior to the next scheduled use.

NOVEMBER 19, 2020
TiYunZong Vulnerability on CT900 Samsung Android Tablet
Security researchers discovered potential vulnerabilities in Samsung tablets (assigned the Medtronic Model CT900) that function as the hardware platform for the Clinician Programmers that interact with Medtronic neurostimulators and implantable drug infusion pumps.

SEPTEMBER 10, 2020
Bluetooth In-Office (BTIO) Security Vulnerability Patch
Two cybersecurity vulnerabilities involving the Bluetooth Low Energy (BLE) communication between certain Medtronic BlueSync™ cardiac devices and the Medtronic CareLink SmartSync™ Device Manager were discovered and subsequently remediated.

JULY 30, 2020
BootHole Vulnerability
Medtronic is aware of and is evaluating a cybersecurity vulnerability known as BootHole that was publicly disclosed on July 29 by security research firm Eclypsium.

JUNE 18, 2020
Ripple20 – Treck TCP/IP Stack Vulnerabilities
Medtronic products are not impacted by the series of security vulnerabilities related to the Treck TCP/IP networking software.

JUNE 11, 2020
Bluetooth Impersonation Attacks (BIAS)
Security vulnerabilities were identified in the FA Controller (model number 3537) and the Patient Telemetry Module (model number 97745).

MARCH 4, 2020
Sweyntooth Vulnerabilities
Medtronic is aware of and is monitoring a series of BlueTooth® Low Energy (BLE) cybersecurity vulnerabilities, collectively known as "SweynTooth" that were publicly disclosed in mid-February by security reasearchers at Singapore University of Technology and Design.

JANUARY 30, 2020
CareLink™ 2090 Programmer and CareLink™ Encore 29901 Programmer
Security vulnerabilities were identified in the CareLink 2090 Programmer and accompanying software distribution network. First published February 27, 2018.

NOVEMBER 7, 2019
Valleylab™ FT10 and Valleylab™ LS10 Electrosurgical Generator RFID Vulnerabilities
Through routine monitoring and testing, Medtronic identified security vulnerabilities in our Valleylab™ FT10 and Valleylab™ LS10 electrosurgical generators.

NOVEMBER 7, 2019
Valleylab™ FT10 and Valleylab™ FX8 Electrosurgical Generator RSSH Vulnerabilities
Through routine monitoring and testing, Medtronic identified security vulnerabilities in the software of the Valleylab™ FT10 and Valleylab™ FX8 electrosurgical generators.

SEPTEMBER 30, 2019
URGENT/11 Vulnerabilities
Medtronic is aware of and is monitoring a series of cybersecurity vulnerabilities known as URGENT/11.

JUNE 27, 2019
MiniMed™ 508 and MiniMed™ Paradigm™ Series Insulin Pumps
Based on earlier work performed by external researchers, potential security vulnerabilities have been identified in select Medtronic insulin pumps.

MAY 28, 2019
Microsoft Remote Desktop Protocol (RDP) Vulnerability
On May 14, 2019, Microsoft announced a cybersecurity vulnerability regarding Remote Code Execution and involving the Remote Desktop Protocol (RDP).

MARCH 13, 2019
MiniMed™ Paradigm™ Insulin Pumps
Security vulnerabilities were identified in the Medtronic MiniMed Paradigm family of insulin pumps and corresponding remote controller. First published August 7, 2018.

DECEMBER 13, 2018
CareLink™ 9790, CareLink™ 2090, and CareLink™ Encore 29901 Programmers
Security vulnerabilities were identified in the Medtronic CareLink 9790 Programmer, CareLink 2090 Programmer, and CareLink Encore 29901 Programmer.

AUGUST 7, 2018
MyCareLink™ Patient Monitor
Security vulnerabilities were identified in the Medtronic MyCareLink Patient Monitor (model numbers 24950 and 24952).

JULY 12, 2018
N’Vision 8840 Physician Programmer
Security vulnerabilities were identified related to the N'Vision 8840 physician programmer and its removable compact flash application card.

JUNE 28, 2018
MyCareLink™ Patient Monitor
Security vulnerabilities were identified in the MyCareLink Patient Monitor that could allow privileged access to the operating system and visibility to product development code.

JANUARY 19, 2018
Spectre and Meltdown
Read about the Medtronic impact and response to the widely-publicized cybersecurity vulnerabilities known as Spectre and Meltdown, which affected many computer and mobile device processors in early 2018.

MAY 17, 2017
WannaCry Cyberattack
Read about the Medtronic impact and response to the WannaCry cyberattack affecting a number of organizations worldwide in spring 2017.