CVE Vulnerabilities

CVE-2021-38392

Published: Oct 04, 2021 | Modified: Oct 27, 2022

CVSS 3.x

7.6

HIGH

Source:

NVD

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS 2.x

7.2 HIGH

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-38392
CWE	https://cwe.mitre.org/data/definitions/.html

A skilled attacker with physical access to the affected device can gain access to the hard disk drive of the device to change the telemetry region and could use this setting to interrogate or program an implantable device in any region in the world.

Affected Software

Name	Vendor	Start Version	End Version
Zoom_latitude_pogrammer/recorder/monitor_3120_firmware	Bostonscientific	*	*

References

https://us-cert.cisa.gov/ics/advisories/icsma-21-273-01

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.