Описание
An attacker with physical access to the device can extract the binary that checks for the hardware key and reverse engineer it, which could be used to create a physical duplicate of a valid hardware key. The hardware key allows access to special settings when inserted.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:bostonscientific:zoom_latitude_pogrammer\/recorder\/monitor_3120_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:bostonscientific:zoom_latitude_pogrammer\/recorder\/monitor_3120:-:*:*:*:*:*:*:*
EPSS
Процентиль: 13%
0.00042
Низкий
6.2 Medium
CVSS3
6.4 Medium
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-1278
Связанные уязвимости
github
больше 3 лет назад
An attacker with physical access to the device can extract the binary that checks for the hardware key and reverse engineer it, which could be used to create a physical duplicate of a valid hardware key. The hardware key allows access to special settings when inserted.
EPSS
Процентиль: 13%
0.00042
Низкий
6.2 Medium
CVSS3
6.4 Medium
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-1278