Your browser is out of date

With an updated browser, you will have a better Medtronic website experience. Update my browser now.

×

Skip to main content

MiniMed™ 600 Series Pump System Communication Issue Security Bulletin

September 20, 2022

Impacted Products

  • MiniMed™ 620G (MMT-1750)
  • MiniMed™ 630G (MMT-1715, MMT-1754, MMT-1755)
  • MiniMed™ 640G (MMT-1711, MMT-1712, MMT-1751, MMT-1752)
  • MiniMed™ 670G (MMT-1740, MMT-1741, MMT-1742, MMT-1760, MMT-1761, MMT-1762, MMT-1780, MMT-1781, MMT-1782)
  • Guardian™ Link 3 Transmitter (MMT-7810, MMT-7811)
  • Guardian™ 2 Link Transmitter (MMT-7730, MMT-7731, MMT-7738, MMT-7775)
  • CareLink™ USB (MMT-7306)
  • Contour® Next Link 2.4/Contour® Plus Link 2.4 (MMT-1151, MMT-1152, MMT-1351, MMT-1352)
Product Images: MiniMed™ 600 series insulin pump, Guardian™ Link 3 transmitter, Contour® Next Link Blood Glucose Meter, CareLink™ USB

¹ Sample image. Pump screen and buttons vary by model.

 

Vulnerability Summary

The MiniMed™ 600 series pump system consists of components such as the pump, continuous glucose monitoring (CGM) transmitter, blood glucose meter and CareLink™ USB device that communicate wirelessly. Medtronic has recently identified a potential issue through internal testing whereby, under specific circumstances, the communication between the components of the pump system could be compromised through unauthorized access.

For unauthorized access to occur, a nearby person other than the patient or their care partner would need to gain access to the pump at the same time that the pump is being paired with other system components. This cannot be done over the internet.

Medtronic has no evidence to date that such an issue has occurred. However, in the unlikely event that unauthorized access would be successful, the access could be used to deliver too much or too little insulin through delivery of an unintended insulin bolus or because insulin delivery is slowed or stopped. Too much insulin could result in hypoglycemia (low blood sugar) which can potentially lead to seizure, coma or death. Too little insulin could result in hyperglycemia (high blood sugar) which can potentially lead to diabetic ketoacidosis.

Medtronic recommends all patients take the actions and precautions listed below. 

Actions recommended for all patients:

  1. Turn off the “Remote Bolus” feature on your pump if it is turned on. Note that the “Remote Bolus” capability is on by default, so you should take this action even if you have never used this feature.

  2. Conduct any connection linking of devices in a non-public place.

Precautions recommended for all patients:

  1. Keep your pump and connected system components within your control at all times.
  2. Be attentive to pump notifications, alarms, and alerts. 
  3. Immediately cancel any boluses you or your care partner did not initiate, monitor blood glucose levels closely and reach out to Medtronic 24-Hour Technical Support to report the bolus. NOTE: Turning off remote bolus feature will ensure no remote bolus is possible
  4. Disconnect the USB device from your computer when you’re not using it to download pump data. 
  5. DO NOT confirm remote connection requests or any other remote action on the pump screen unless it is initiated by you or your care partner.
    Device screen capture: Confirm Device SN - Cancel
  6. DO NOT share your pump’s or devices’ serial numbers with anyone other than your healthcare provider, distributors, and Medtronic.
  7. DO NOT accept, calibrate, or bolus using a blood glucose reading you didn’t initiate.  
  8. DO NOT connect to or allow any third-party devices to be connected to your pump
  9. DO NOT use any software which has not been authorized by Medtronic as being safe for use with your pump. 
  10. Get medical help immediately when experiencing symptoms of severe hypoglycemia or diabetic ketoacidosis. 
  11. Reach out to Medtronic 24-Hour Technical Support if you suspect a pump setting or insulin delivery have changed unexpectedly, without your knowledge. 

Medtronic has additional general security information, at the following location:

https://www.medtronic.com/security

The best step you can take now to eliminate your individual risk of unintended delivery of insulin is to permanently turn off the Remote Bolus feature on your pump. We will continue to actively monitor the situation and are committed to sharing relevant information or actions with you in the future.

We understand this impacts your experience and are here to support you. If you have further questions, please call the Medtronic 24-Hour Technical Support line at 1-800-646-4633, option 1.

 

How to Turn off Remote Bolus settings?

Follow these steps to turn off Remote Bolus feature: 

 

MiniMed 670G Insulin Pump (MMT-1780, MMT-1781, MMT-1782)

Note: The Remote Bolus feature is not available when in SmartGuard™ Auto Mode

  1. If Auto Mode is active, Auto mode must first be deactivated to enter manual mode using the following step:

    • Press Center Button ( ) and go to the Auto Mode settings screen.
      Options > SmartGuard > Auto Mode

      Device screen capture: select Options, select SmartGuard, select Auto Mode, turn Auto Mode off, select Save
       View larger image
  1. Select Save
  2. In manual mode, press Center Button ( ) and go to the Remote Bolus screen. Options > Utilities > Remote Bolus

    Device screen capture: select Options, select Utilities, select Remote Bolus
     View larger image

    The Remote Bolus screen appears
    Device screen capture: Remote Bolus on
     View larger image
  3. Select Remote Bolus to turn the feature off.
    Device screen capture: select Remote Bolus to turn off, select Save
     View larger image
  1. Select Save

    • If you wish to reactivate Auto Mode, go to the Auto Mode settings screen.
      Options > SmartGuard > Auto Mode

      Device screen capture: select Options, select SmartGuard, select Auto Mode, turn Auto Mode on, select Save
       View larger image

 

 
 

MiniMed 620G (MMT-1710), MiniMed 630G (MMT-1714, MMT-1715), and MiniMed 640G (MMT-1711, MMT-1712)

Note: Remote Bolus default setting is "ON".

  1. Press Menu Button ( ) and go to the Remote Bolus screen.
    Menu > Utilities > Remote Bolus

    Device screen capture: select Utilities, select Remote Bolus
     View larger image

    The Remote Bolus screen appears
    Device screen capture: Remote Bolus on
     View larger image
  1. Select Save
  2. Select Remote Bolus to turn the feature off
    Device screen capture: select Remote Bolus to turn off, select Save
     View larger image
  3. Select Save

 

Additional technical details

The vulnerability associated with the Remote Bolus feature has a CVSS 3.1 score of 4.8. The CVE number is CVE-2022-32537.

 

Definition of terms

  1. Healthcare provider: A healthcare provider is any person or organization that furnishes healthcare services and supplies, bills for them, or is paid for them. In this case, healthcare providers can be individuals (doctors or nurses) or organizations (hospitals, clinics, practice groups, along with their administrative staff). Healthcare researchers are also considered providers. 
  2. Vulnerability: A vulnerability is a weakness in systems, software or products that compromises security. A vulnerability allows people to perform bad actions on those same systems, software, and products. 
  3. Exploit: An exploit is a program or methodology created to take advantage of a vulnerability in a system or product to gain unauthorized access or negatively affect proper operation. 
  4. Authentication: Authentication is the process of recognizing and affirming a user or device’s identity. Authentication typically uses specific information about a user or a device, such as something only the user/device knows (password, security question, security key), a physical characteristic (fingerprint, facial recognition, device certificate), or something they have (email address, mobile phone number, MAC address). 
  5. Encryption: Encryption is the process of modifying data or information, so it is not recognizable or readable by a human. Encryption is performed using predefined calculations, called algorithms, that have a key. To change the data back from its encrypted form to its readable form, a person must have the key and know the specific algorithm used. Encryption keeps private and sensitive data safe from being read by someone who does not have permission to read or use it. 
  6. Pairing: A wireless connection between two pump system components that leverages a secret code uniquely generated for every patient’s specific pump system component that protects the integrity and confidentiality of wireless communications.