Multiple vulnerabilities in Boston Scientific Zoom Latitude



Published: 2021-10-01
Risk Low
Patch available NO
Number of vulnerabilities 5
CVE-ID CVE-2021-38400
CVE-2021-38394
CVE-2021-38392
CVE-2021-38396
CVE-2021-38398
CWE-ID CWE-916
CWE-1278
CWE-284
CWE-354
CWE-1329
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120
Hardware solutions / Medical equipment

Vendor Boston Scientific

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Use of Password Hash With Insufficient Computational Effort

EUVDB-ID: #VU56991

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L/E:U/RL:U/RC:C]

CVE-ID: CVE-2021-38400

CWE-ID: CWE-916 - Use of Password Hash With Insufficient Computational Effort

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to use of password hash with insufficient computational effort. An attacker with physical access can remove the hard disk drive or create a specially crafted USB to extract the password hash for brute force reverse engineering of the system password. 

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120: All versions


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-21-273-01

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques

EUVDB-ID: #VU56992

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L/E:U/RL:U/RC:C]

CVE-ID: CVE-2021-38394

CWE-ID: CWE-1278 - Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techni

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to missing protection against hardware reverse engineering using integrated circuit (IC) imaging techniques. An attacker with physical access can extract the binary that checks for the hardware key and reverse engineer it and use it to create a physical duplicate of a valid hardware key.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120: All versions


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-21-273-01

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper access control

EUVDB-ID: #VU56993

Risk: Low

CVSSv3.1: 6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:U/RL:U/RC:C]

CVE-ID: CVE-2021-38392

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. An attacker with physical access can gain access to the hard disk drive of the device to change the telemetry region and can use this setting to interrogate or program an implantable device in any region in the world.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120: All versions


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-21-273-01

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper validation of integrity check value

EUVDB-ID: #VU56994

Risk: Low

CVSSv3.1: 6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:U/RL:U/RC:C]

CVE-ID: CVE-2021-38396

CWE-ID: CWE-354 - Improper Validation of Integrity Check Value

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass integrity checks.

The vulnerability exists due to the programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. An attacker with physical access can install unauthorized software using a specially crafted USB.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120: All versions


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-21-273-01

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Reliance on Component That is Not Updateable

EUVDB-ID: #VU56995

Risk: Low

CVSSv3.1: 6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:U/RL:U/RC:C]

CVE-ID: CVE-2021-38398

CWE-ID: CWE-1329 - Reliance on Component That is Not Updateable

Exploit availability: No

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to the affected device uses off-the-shelf software components that contain unpatched vulnerabilities. An attacker with physical access can exploit these vulnerabilities.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120: All versions


CPE2.3 External links

http://ics-cert.us-cert.gov/advisories/icsma-21-273-01

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###