MEDIUM🇵🇱 Wersja polska

CVE-2021-38394

CVSS 6.2v3.1pub. 2021-10-04upd. 2024-11-21

An attacker with physical access to the device can extract the binary that checks for the hardware key and reverse engineer it, which could be used to create a physical duplicate of a valid hardware key. The hardware key allows access to special settings when inserted.

CVSS Vector
CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L
  • Bostonscientific Zoom Latitude Pogrammer\/recorder\/monitor 3120

    HW
    Bostonscientific
    wszystkie wersje
  • Bostonscientific Zoom Latitude Pogrammer\/recorder\/monitor 3120 Firmware

    OS
    Bostonscientific
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-38392MEDIUM6.5ten sam produkt

A skilled attacker with physical access to the affected device can gain access to the hard disk drive of the d...

CVE-2021-38396MEDIUM6.5ten sam produkt

The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the s...

CVE-2021-38398MEDIUM6.5ten sam produkt

The affected device uses off-the-shelf software components that contain unpatched vulnerabilities. A malicious...

CVE-2021-38400MEDIUM6.9ten sam produkt

An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the hard disk drive ...

CVE-2017-14012MEDIUM4.6ten sam vendor

Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score: 4.6; CVSS vec...