- What is the severity of CVE-2020-10627?
- CVE-2020-10627 has been scored as a high severity vulnerability.
- How to fix CVE-2020-10627?
- As a workaround for remediating CVE-2020-10627: Insulet recommends patients using the affected products talk to their healthcare provider about the risks of continued use, including the possibility of changing to the latest model with increased cybersecurity protection. Additionally, Insulet recommends all patients take the cybersecurity precautions indicated below. Do not connect to or allow any third-party devices to be connected to or use any software not authorized by Insulet. Maintain tight physical control of the pump and devices connected to the pump. Be attentive to pump notifications, alarms, and alerts. Immediately cancel any unintended boluses (a single dose of insulin administered all at once). Monitor blood glucose levels closely and act as appropriate. Get medical help immediately when experiencing symptoms of severe hypoglycemia or diabetic ketoacidosis or if you suspect insulin pump settings or insulin delivery has changed unexpectedly. Insulet has released additional patient-focused information: https://www.myomnipod.com/security-bulletins More information is available regarding Insulet’s product security and vulnerability management: https://www.myomnipod.com/product-security
- Is CVE-2020-10627 being actively exploited in the wild?
- As for now, there are no information to confirm that CVE-2020-10627 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
- What software or system is affected by CVE-2020-10627?
- CVE-2020-10627 affects Insulet Omnipod Insulin Management System.