MEDIUM🇵🇱 Wersja polska

CVE-2021-38392

CVSS 6.5v3.1pub. 2021-10-04upd. 2024-11-21

A skilled attacker with physical access to the affected device can gain access to the hard disk drive of the device to change the telemetry region and could use this setting to interrogate or program an implantable device in any region in the world.

CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L
  • Bostonscientific Zoom Latitude Pogrammer\/recorder\/monitor 3120

    HW
    Bostonscientific
    wszystkie wersje
  • Bostonscientific Zoom Latitude Pogrammer\/recorder\/monitor 3120 Firmware

    OS
    Bostonscientific
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2021-38394MEDIUM6.2ten sam produkt

An attacker with physical access to the device can extract the binary that checks for the hardware key and rev...

CVE-2021-38396MEDIUM6.5ten sam produkt

The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the s...

CVE-2021-38398MEDIUM6.5ten sam produkt

The affected device uses off-the-shelf software components that contain unpatched vulnerabilities. A malicious...

CVE-2021-38400MEDIUM6.9ten sam produkt

An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the hard disk drive ...

CVE-2017-14012MEDIUM4.6ten sam vendor

Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score: 4.6; CVSS vec...