Vulnerabilities > CVE-2021-38394 - Unspecified vulnerability in Bostonscientific Zoom Latitude Pogrammer/Recorder/Monitor 3120 Firmware

047910
CVSS 6.4 - MEDIUM
Attack vector
PHYSICAL
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
high complexity
bostonscientific

Summary

An attacker with physical access to the device can extract the binary that checks for the hardware key and reverse engineer it, which could be used to create a physical duplicate of a valid hardware key. The hardware key allows access to special settings when inserted.