Vulnerabilities > Bostonscientific > Zoom Latitude Pogrammer Recorder Monitor 3120 Firmware > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-04	CVE-2021-38394	Unspecified vulnerability in Bostonscientific Zoom Latitude Pogrammer/Recorder/Monitor 3120 Firmware An attacker with physical access to the device can extract the binary that checks for the hardware key and reverse engineer it, which could be used to create a physical duplicate of a valid hardware key. high complexity bostonscientific	6.4
2021-10-04	CVE-2021-38396	Insufficient Verification of Data Authenticity vulnerability in Bostonscientific Zoom Latitude Pogrammer/Recorder/Monitor 3120 Firmware The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. low complexity bostonscientific CWE-345	6.8
2021-10-04	CVE-2021-38398	Unspecified vulnerability in Bostonscientific products The affected device uses off-the-shelf software components that contain unpatched vulnerabilities. low complexity bostonscientific	6.8
2021-10-04	CVE-2021-38400	Use of Password Hash With Insufficient Computational Effort vulnerability in Bostonscientific Zoom Latitude Pogrammer/Recorder/Monitor 3120 Firmware An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the hard disk drive or create a specially crafted USB to extract the password hash for brute force reverse engineering of the system password. low complexity bostonscientific CWE-916	6.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.