Lucene search

[email protected]NVD:CVE-2021-38392

HistoryOct 04, 2021 - 6:15 p.m.

CVE-2021-38392

2021-10-0418:15:09

CWE-284

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.6 High

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

27.5%

JSON

A skilled attacker with physical access to the affected device can gain access to the hard disk drive of the device to change the telemetry region and could use this setting to interrogate or program an implantable device in any region in the world.

Affected configurations

NVD

Node

bostonscientificzoom_latitude_pogrammer\/recorder\/monitor_3120_firmware

AND

bostonscientificzoom_latitude_pogrammer\/recorder\/monitor_3120Match-

References

us-cert.cisa.gov/ics/advisories/icsma-21-273-01

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.6 High

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

27.5%

JSON

Related for NVD:CVE-2021-38392

cve1 cnvd1 prion1 cvelist1 ics1