CVE-2021-38398

Summary

The affected device uses off-the-shelf software components that contain unpatched vulnerabilities. A malicious attacker with physical access to the affected device could exploit these vulnerabilities.

Affected Software

VendorProductVersion RangeStatus
Boston ScientificZOOM LATITUDEModel 3120affected

Weaknesses

  • CWE-1329: CWE-1329

Workarounds

Boston Scientific is in the process of transitioning all users to a replacement programmer with enhanced security, the LATITUDE Programming System, Model 3300. Boston Scientific will not issue a product update to address the identified vulnerabilities in the ZOOM LATITUDE Programming System, Model 3120.

ADP Enrichment

CVE Program Container

Additional References

References