CVE-2021-38400

MEDIUM

Boston Scientific Zoom Latitude Model 3120 - Info Disclosure

Title source: llm

Description

An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the hard disk drive or create a specially crafted USB to extract the password hash for brute force reverse engineering of the system password.

References (1)

[Third Party Advisory, US Government Resource] https://us-cert.cisa.gov/ics/advisories/icsma-21-273-01

Scores

CVSS v3 6.9

EPSS 0.0003

EPSS Percentile 6.9%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L

Details

CWE

CWE-916

Status published

Products (1)

bostonscientific/zoom_latitude_pogrammer\/recorder\/monitor_3120_firmware

Published Oct 04, 2021

Tracked Since Feb 18, 2026