Description
An attacker with physical access to Boston Scientific Zoom Latitude Model 3120 can remove the hard disk drive or create a specially crafted USB to extract the password hash for brute force reverse engineering of the system password.
CVSS breakdown
CVSS 3.1
Attack Vector
Physical
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
Low
Affected products
- Boston Scientific / ZOOM LATITUDEModel 3120 – Model 3120
References
- VENDOR_ADVISORYhttps://us-cert.cisa.gov/ics/advisories/icsma-21-273-01