OTPulse

Medtronic MiniMed 508 and Paradigm Series Insulin Pumps

Monitor · 7.1 · ICS-CERT ICSMA-19-178-01 · Jun 27, 2019
Attack Vector: Adjacent
Auth Required: None
Complexity: High
User Interaction: None needed
Summary

Medtronic MiniMed 508 and Paradigm series insulin pumps (511, 512/712, 515/715, 522/722, 522K/722K, 523/723, 523K/723K, 712E, and Veo models 554/754/554CM/754CM) contain a wireless RF authentication weakness. An attacker with adjacent RF access could intercept and modify wireless communications between the pump and its remote control or continuous glucose sensor. This allows reading of sensitive patient data, alteration of insulin dose settings, or disruption of insulin delivery. The affected products are end-of-life and will not receive firmware patches. Medtronic recommends patients transition to newer pump models with improved RF security. All versions of most models are affected; specific versions of Veo 554CM/754CM (≤2.7A), Paradigm 523/723/523K/723K (≤2.4A), and Veo 554/754 (≤2.6A) are affected.

What this means
What could happen
An attacker within wireless range of an affected insulin pump could intercept, modify, or block wireless communications to read sensitive data, change insulin delivery settings, or stop the pump from functioning. Altered insulin doses or interrupted delivery could cause serious patient harm including hyperglycemia, hypoglycemia, or diabetic ketoacidosis.
Who's at risk
This advisory impacts insulin pump patients using Medtronic MiniMed and Paradigm series pumps. Healthcare facilities, diabetes clinics, and patients who depend on continuous insulin delivery are affected. The vulnerability threatens medical device safety systems that regulate insulin infusion in diabetic patients.
How it could be exploited
An attacker positioned within RF range of an affected pump (typically within 50-100 feet) could craft wireless RF signals to spoof legitimate commands from the patient's remote control or sensor. Without proper authentication or encryption, the pump would accept these forged commands to read current insulin levels, modify dose settings, or halt insulin delivery.
Prerequisites
  • Attacker must be within RF wireless range of the affected pump (adjacent network access, approximately 50-100 feet)
  • No authentication credentials or valid commands required—the pump accepts RF packets without verification
  • Target device must be one of the listed affected models
  • Attacker needs RF signal generation capability (e.g., software-defined radio equipment)
  • No authentication required
  • Remotely exploitable (RF/adjacent access)
  • Low complexity attack
  • No patch available (end-of-life products)
  • Affects safety-critical medical device
  • Could cause physical harm to patient
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (11)
1 pending · 10 EOL
Product                                          | Affected Versions | Fix Status
MiniMed Paradigm 511 pump                        | All versions      | No fix (EOL)
MiniMed Paradigm Veo 554CM and 754CM models only | Software ≤ 2.7A   | No fix yet
MiniMed Paradigm 512/712 pumps                   | All versions      | No fix (EOL)
MiniMed Paradigm 522/722 pumps                   | All versions      | No fix (EOL)
MiniMed Paradigm 523/723 pumps                   | Software ≤ 2.4A   | No fix (EOL)
MiniMed Paradigm 523K/723K pumps                 | Software ≤ 2.4A   | No fix (EOL)
MiniMed Paradigm Veo 554/754 pumps               | Software ≤ 2.6A   | No fix (EOL)
MiniMed Paradigm 712E pump                       | All versions      | No fix (EOL)
Remediation & Mitigation
Do now
HOTFIX: Work with the patient's healthcare provider to replace the affected insulin pump with a newer Medtronic model that includes enhanced RF authentication and encryption.
WORKAROUND: For patients unable to transition immediately, maintain regular communication with the healthcare provider to monitor for unusual glucose readings or pump malfunction, and increase the frequency of manual blood glucose checks.
Mitigations - no patch available
The following products have reached End of Life with no planned fix:
  • MiniMed Paradigm 511 pump: All versions
  • MiniMed Paradigm 512/712 pumps: All versions
  • MiniMed Paradigm 522/722 pumps: All versions
  • MiniMed Paradigm 523/723 pumps: Software ≤ 2.4A
  • MiniMed Paradigm 523K/723K pumps: Software ≤ 2.4A
  • MiniMed Paradigm Veo 554/754 pumps: Software ≤ 2.6A
  • MiniMed Paradigm 712E pump: All versions
  • MiniMed 508 pump: All versions
  • MiniMed Paradigm 515/715 pumps: All versions
  • MiniMed Paradigm 522K/722K pumps: All versions
Apply the following compensating controls:
HARDENING: Educate the patient on cybersecurity practices: keep the pump close to the body when not in use, be aware of suspicious RF interference or unexplained pump behavior, and promptly report any unusual readings or delivery failures to the healthcare provider.