AliveCor KardiaMobile 6L
Approved changes feed: RSS · Atom
cpe:2.3:h:alivecor:kardiamobile_6l:-:*:*:*:*:*:*:*
part: h version: - update: *
| Vendor | Alivecor (00903300-596d-5698-bd52-f3a318c73476) |
|---|---|
| Product | Kardiamobile 6L (b1f665f8-d2ba-5e01-becd-bdefa43e2ac7) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-41627 |
not_vulnerable | 2026-06-08 05:48:30.657357 |
Details available
MEDIUM (4.8)
The physical IoT device of the AliveCor's KardiaMobile, a smartphone-based personal electrocardiogram (EKG) has no encryption for its data-over-sound protocols. Exploiting this vulnerability could allow an attacker to read patient EKG results or create a denial-of-service condition by emitting sounds at similar frequencies as the device, disrupting the smartphone microphone’s ability to accurately read the data. To carry out this attack, the attacker must be close (less than 5 feet) to pick up and emit sound waves.
Published: 2022-10-27T20:04:06.498Z
Updated: 2025-04-16T16:08:30.914Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.