CVE-2026-50034
Awaiting Analysis Awaiting Analysis - Queue

Bluetooth Low Energy Traffic Interception Exposes Glucose Data

Vulnerability report for CVE-2026-50034, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-19

Last updated on: 2026-06-22

Assigner: ICS-CERT

Description

An attacker within BLE communication range can passively intercept wireless traffic and obtain sensitive health-related information, including glucose measurement values.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-19
Last Modified
2026-06-22
Generated
2026-07-09
AI Q&A
2026-06-19
EPSS Evaluated
2026-07-08
NVD
EUVD

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-319 The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability allows an attacker who is within Bluetooth Low Energy (BLE) communication range to passively intercept wireless traffic.

By doing so, the attacker can obtain sensitive health-related information, specifically glucose measurement values.

Impact Analysis

The impact of this vulnerability is that sensitive health information, such as glucose measurement data, can be exposed to unauthorized parties.

This exposure can lead to privacy violations and potential misuse of personal health data.

Compliance Impact

This vulnerability allows an attacker within Bluetooth Low Energy (BLE) communication range to passively intercept wireless traffic and obtain sensitive health-related information, including glucose measurement values.

The exposure of sensitive health-related data could potentially impact compliance with regulations such as GDPR and HIPAA, which require the protection of personal health information and mandate safeguards against unauthorized access or disclosure.

However, specific details on compliance impact or mitigation measures are not provided in the available information.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-50034. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart