MEDIUM🇵🇱 Wersja polska

CVE-2017-14014

CVSS 4.6v3.0pub. 2018-05-01upd. 2024-11-21

Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI prior to having it transferred to removable media. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

CVSS Vector
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Bostonscientific Zoom Latitude Prm 3120

    HW
    Bostonscientific
    wszystkie wersje
  • Bostonscientific Zoom Latitude Prm 3120 Firmware

    OS
    Bostonscientific
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2017-14012MEDIUM4.6ten sam produkt

Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score: 4.6; CVSS vec...

CVE-2021-38392MEDIUM6.5ten sam vendor

A skilled attacker with physical access to the affected device can gain access to the hard disk drive of the d...

CVE-2021-38394MEDIUM6.2ten sam vendor

An attacker with physical access to the device can extract the binary that checks for the hardware key and rev...

CVE-2021-38396MEDIUM6.5ten sam vendor

The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the s...

CVE-2021-38398MEDIUM6.5ten sam vendor

The affected device uses off-the-shelf software components that contain unpatched vulnerabilities. A malicious...