Four vulnerabilities in Ypsomed's mylife diabetes management software have been found. Exploitation of these vulnerabilities could expose credentials or allow an opportunity for a Man-in-the-Middle attack.
The following platforms are known to be affected:
Ypsomed mylife Cloud Versions: all prior to 1.7.2
Ypsomed mylife App Versions: all prior to 1.7.5
Ypsomed have updated their affected mylife Cloud backend services to mitigate the mylife Cloud in versions prior to 1.7.2.
Affected organisations should contact their relevant suppliers and ensure all mylife app users have updated to version 1.7.5 or later.
Definitive source of threat updates
Last edited: 16 July 2021 1:33 pm