{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T21:06:06.996","vulnerabilities":[{"cve":{"id":"CVE-2011-3386","sourceIdentifier":"cve@mitre.org","published":"2011-09-02T23:55:05.427","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unspecified vulnerability in Medtronic Paradigm wireless insulin pump 512, 522, 712, and 722 allows remote attackers to modify the delivery of an insulin bolus dose and cause a denial of service (adverse human health effects) via unspecified vectors involving wireless communications and knowledge of the device's serial number, as demonstrated by Jerome Radcliffe at the Black Hat USA conference in August 2011.  NOTE: the vendor has disputed the severity of this issue, saying \"we believe the risk of deliberate, malicious, or unauthorized manipulation of medical devices is extremely low... we strongly believe it would be extremely difficult for a third-party to wirelessly tamper with your insulin pump... you would be able to detect tones on the insulin pump that weren't intentionally programmed and could intervene accordingly.\""},{"lang":"es","value":"Vulnerabilidad no especificada en la bomba de insulina inalambirca Medtronic Paradigm 512, 522, 712 y 722, permite a atacantes remotos modificar la administración de una dosis de insulina y provocar una denegación de servicio (efectos adversos para la salud humana) a través de vectores no especificados relacionados con las comunicaciones inalámbricas y el conocimiento de la número de serie del dispositivo, como se demuestra por Jerome Radcliffe en la conferencia Black Hat de EE.UU. en agosto de 2011. NOTA: el vendedor ha puesto en duda la gravedad de este asunto, diciendo que \"creemos que el riesgo de manipulación deliberada, malintencionada o no autorizada de dispositivos médicos es muy bajo ... estamos convencidos de que sería extremadamente difícil para un tercero de forma inalámbrica interferir en la bomba de insulina ... usted sería capaz de detectar los tonos de la bomba de insulina que no estaban programados intencionalmente y podría actuar en consecuencia. \""}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:N/I:P/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":4.9,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:medtronic:paradigm_wireless_insulin_pump:512:*:*:*:*:*:*:*","matchCriteriaId":"4A2EB468-F01F-4ED8-A68D-912D5861E6FB"},{"vulnerable":true,"criteria":"cpe:2.3:h:medtronic:paradigm_wireless_insulin_pump:522:*:*:*:*:*:*:*","matchCriteriaId":"DD8F4622-A67F-46AB-8F44-D1D021FEE92C"},{"vulnerable":true,"criteria":"cpe:2.3:h:medtronic:paradigm_wireless_insulin_pump:712:*:*:*:*:*:*:*","matchCriteriaId":"75DB801E-6E51-40A8-9424-923EEAB6EBFD"},{"vulnerable":true,"criteria":"cpe:2.3:h:medtronic:paradigm_wireless_insulin_pump:722:*:*:*:*:*:*:*","matchCriteriaId":"62B4EFD1-CB94-4453-AF69-F0DAE4BE3435"}]}]}],"references":[{"url":"http://sixuntilme.com/blog2/2011/08/hacked_jay_radcliffe_insulin_p.html","source":"cve@mitre.org"},{"url":"http://www.darkreading.com/security/vulnerabilities/231300312/getting-root-on-the-human-body.html","source":"cve@mitre.org"},{"url":"http://www.foxnews.com/scitech/2011/08/04/insulin-pumps-vulnerable-to-hacking/?test=faces","source":"cve@mitre.org"},{"url":"http://www.hanselman.com/blog/HackersCanKillDiabeticsWithInsulinPumpsFromAHalfMileAwayUmNoFactsVsJournalisticFearMongering.aspx","source":"cve@mitre.org"},{"url":"http://www.informationweek.com/news/security/vulnerabilities/231600265","source":"cve@mitre.org"},{"url":"http://www.loop-blog.com/Blog_Full_Post?id=a09C000000Dbz3JIAR","source":"cve@mitre.org"},{"url":"http://www.scmagazineus.com/black-hat-insulin-pumps-can-be-hacked/article/209106/","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/69643","source":"cve@mitre.org"},{"url":"http://sixuntilme.com/blog2/2011/08/hacked_jay_radcliffe_insulin_p.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.darkreading.com/security/vulnerabilities/231300312/getting-root-on-the-human-body.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.foxnews.com/scitech/2011/08/04/insulin-pumps-vulnerable-to-hacking/?test=faces","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.hanselman.com/blog/HackersCanKillDiabeticsWithInsulinPumpsFromAHalfMileAwayUmNoFactsVsJournalisticFearMongering.aspx","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.informationweek.com/news/security/vulnerabilities/231600265","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.loop-blog.com/Blog_Full_Post?id=a09C000000Dbz3JIAR","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.scmagazineus.com/black-hat-insulin-pumps-can-be-hacked/article/209106/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/69643","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}