iLet ACE Pump Recall - Security Bypass Vulnerability, 15 Units
FDA Device Recalls (Class II)
Summary
FDA Class II recall of Beta Bionics iLet ACE Pump and iLet Dosing Decision Software (15 units) due to security bypass vulnerability in Lock Screen and Limited Access Passcode Screen software versions 1.3.7, 1.4.2, and 1.4.3. Active icons in the status bar allow unauthorized users to bypass security screens and make meal announcements or stop insulin delivery, posing risk of severe hypoglycemia. Firmware update to latest version required.
What changed
Beta Bionics initiated a Class II medical device recall for 15 iLet ACE Pump units and associated iLet Dosing Decision Software after identifying that software versions 1.3.7, 1.4.2, and 1.4.3 contain active icons on the status bar of the Lock Screen and Limited Access Passcode Screen that allow users to bypass security protections. FDA determined the cause is software design deficiency.
Consignees must update affected devices to the latest firmware version via the iLet app. The security bypass creates a health risk of severe hypoglycemia if unauthorized persons access the device to make meal announcements or stop insulin delivery. Healthcare providers and patients using these insulin infusion pumps should verify their software versions and apply the corrective update immediately.
What to do next
- Download or update your iLet app on your phone
- Log into your iLet app
- Position your iLet next to your phone with the app open
- Go to app settings on the iLet app and follow the on-screen instructions to update to the latest firmware
- Complete the acknowledgment survey at https://sprw.io/stt-6HnQU or scan the QR code
Archived snapshot
Apr 16, 2026GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.
Class 2 Device Recall iLet ACE Pump, iLet Dosing Decision Software
- Databases
| 510(k) | DeNovo | Registration & Listing | Adverse Events | Recalls | PMA | HDE | Classification | Standards |
| CFR Title 21 | Radiation-Emitting Products | X-Ray Assembler | Medsun Reports | CLIA | TPLC | |
| New Search | ) |
| | Class 2 Device Recall iLet ACE Pump, iLet Dosing Decision Software | |
| Date Initiated by Firm | August 13, 2025 |
|---|---|
| Date Posted | April 10, 2026 |
| Recall Status | Open , Classified |
| Recall Number | Z-1809-2026 |
| Recall Event ID | 98528 |
| 510(K)Number | K231485 K232224 |
| Product Classification | Alternate controller enabled insulin infusion pump - Product Code QFG |
| Product | iLet Ace Pump Kit REF: BB1001 iLet Dosing Decision Software |
| Code Information | ILet Ace Pumps containing software version BOM000036 Rev C (version 1.4.2) or older. |
| FEI Number | 3019004087 |
| Recalling Firm/ | |
| Manufacturer | Beta Bionics, Inc. |
11 Hughes
Irvine CA 92618-1902 |
| For Additional Information Contact | Karen Hynes
855-745-3800 |
| Manufacturer Reason
for Recall | it was found that in versions 1.3.7, 1.4.2, and 1.4.3, the Lock Screen and Limited Access Passcode Screen on the iLet graphical user interface (GUI) include certain icons displayed in the status bar that are active, thereby allowing the user to bypass those screens when those icons on the status bar are pressed, allowing unauthorized access while the device is in Limited Access Mode. A Health Risk associated with Limited access mode includes severe hypoglycemia due to unauthorized access to the iLet if someone were to make unauthorized meal announcements or stopped insulin delivery. |
| FDA Determined
Cause | Software design |
| Action | On March 12, 2026 Beta Bionics issued a Urgent Medical Device Correction - Expansion/Update via Email to notify new consignees and previous consignees. Initial notification was issued on August 13, 2025. Beta Bionics ask consignees to take the following actions:
- Download or update your iLet app on your phone. Read the iLet App User Guide.
- Log into your iLet app.
- Position your iLet next to your phone with the app open.
- Go to app settings on the iLet app and follow the on-screen instructions to update to the latest firmware.
- Complete the acknowledgment survey https://sprw.io/stt-6HnQU or scan the QR code. This survey helps us monitor the effectiveness of the recall action. | | Quantity in Commerce | 15 units | | Distribution | US Nationwide distribution including in the states of AL, AR, AZ, CA, CO, CT, DE, FL, GA, ID, IL, IN, LA, MA, MD, ME, MI, ME, MI, MN, MO, MT, NC, NE, NH, NJ, NV, NY, OH, OK, OR, PA, RI, SC, TN, TX, UT, VA, WA, WI, WY AND WASHINGTON DC. | | Total Product Life Cycle | TPLC Device Report |
| 1 A record in this database is created when a firm initiates a correction or removal action. The record is updated if the FDA identifies a violation and classifies the action as a recall, and it is updated for a final time when the recall is terminated. Learn more about medical device recalls.
2 Per FDA policy, recall cause determinations are subject to modification up to the point of termination of the recall.
3 The manufacturer has initiated the recall and not all products have been corrected or removed. This record will be updated as the status changes. | |
| 510(K) Database | 510(K)s with Product Code = QFG |
Related changes
Get daily alerts for FDA Device Recalls (Class II)
Daily digest delivered to your inbox.
Free. Unsubscribe anytime.
Source
About this page
Every important government, regulator, and court update from around the world. One place. Real-time. Free. Our mission
Source document text, dates, docket IDs, and authority are extracted directly from FDA.
The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.
Classification
Who this affects
Taxonomy
Browse Categories
Get alerts for this source
We'll email you when FDA Device Recalls (Class II) publishes new changes.
Subscribed!
Optional. Filters your digest to exactly the updates that matter to you.