Multiple vulnerabilities in Boston Scientific Zoom Latitude
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2021-38400 CVE-2021-38394 CVE-2021-38392 CVE-2021-38396 CVE-2021-38398 |
| CWE-ID | CWE-916 CWE-1278 CWE-284 CWE-354 CWE-1329 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120 Hardware solutions / Medical equipment |
| Vendor | Boston Scientific |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Use of Password Hash With Insufficient Computational Effort
EUVDB-ID: #VU56991
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-38400
CWE-ID:
CWE-916 - Use of Password Hash With Insufficient Computational Effort
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to use of password hash with insufficient computational effort. An attacker with physical access can remove the hard disk drive or create a specially crafted USB to extract the password hash for brute force reverse engineering of the system password.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsZOOM LATITUDE Programmer/Recorder/Monitor Model 3120: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsma-21-273-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques
EUVDB-ID: #VU56992
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-38394
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to missing protection against hardware reverse engineering using integrated circuit (IC) imaging techniques. An attacker with physical access can extract the binary that checks for the hardware key and reverse engineer it and use it to create a physical duplicate of a valid hardware key.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsZOOM LATITUDE Programmer/Recorder/Monitor Model 3120: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsma-21-273-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper access control
EUVDB-ID: #VU56993
Risk: Low
CVSSv3.1: 6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-38392
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions. An attacker with physical access can gain access to the hard disk drive of the device to change the telemetry region and can use this setting to interrogate or program an implantable device in any region in the world.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsZOOM LATITUDE Programmer/Recorder/Monitor Model 3120: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsma-21-273-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper validation of integrity check value
EUVDB-ID: #VU56994
Risk: Low
CVSSv3.1: 6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-38396
CWE-ID:
CWE-354 - Improper Validation of Integrity Check Value
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass integrity checks.
The vulnerability exists due to the programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. An attacker with physical access can install unauthorized software using a specially crafted USB.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsZOOM LATITUDE Programmer/Recorder/Monitor Model 3120: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsma-21-273-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Reliance on Component That is Not Updateable
EUVDB-ID: #VU56995
Risk: Low
CVSSv3.1: 6 [CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-38398
CWE-ID:
CWE-1329 - Reliance on Component That is Not Updateable
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the affected device uses off-the-shelf software components that contain unpatched vulnerabilities. An attacker with physical access can exploit these vulnerabilities.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsZOOM LATITUDE Programmer/Recorder/Monitor Model 3120: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsma-21-273-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
