Main Vulnerability Database Vulnerabilities #VU56995

Reliance on Component That is Not Updateable in ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120 - CVE-2021-38398

Published: October 1, 2021

Vulnerability identifier: #VU56995

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2021-38398

CWE-ID: CWE-1329

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120

Software vendor:
Boston Scientific

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to the affected device uses off-the-shelf software components that contain unpatched vulnerabilities. An attacker with physical access can exploit these vulnerabilities.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://ics-cert.us-cert.gov/advisories/icsma-21-273-01

Reliance on Component That is Not Updateable in ZOOM LATITUDE Programmer/Recorder/Monitor Model 3120 - CVE-2021-38398

Description

Remediation

External links

Please verify you're human