Endres Puschner

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** A skilled attacker with physical access to the affected device can gain access to the hard disk drive of the device to change the telemetry region. This setting could then be used to interrogate or program an implantable device in any region in the world. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** An attacker with physical access to the device can extract the binary that checks for the hardware key and reverse engineer it. This could be used to create a physical duplicate of a valid hardware key, which allows access to special settings when inserted. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Programmer installation utility (affected versions not specified) **Description** The issue arises from the programmer installation utility's failure to perform cryptographic authenticity or integrity checks on the software stored on a flash drive. This weakness can be exploited by an attacker to install unauthorized software using a specially crafted USB drive. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned. **Description** The issue concerns the presence of unpatched vulnerabilities in off-the-shelf software components used by the affected device. A malicious attacker with physical access to the device could exploit these vulnerabilities. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Boston Scientific Zoom Latitude Model 3120 **Description** An attacker with physical access to the device can remove the hard disk drive or create a specially crafted USB to extract the password hash for brute force reverse engineering of the system password. **Recommendations** For Boston Scientific Zoom Latitude Model 3120, consider restricting physical access to the device to minimize the risk of exploitation. As a temporary workaround, limit the use of removable storage devices and ensure that all USB ports are securely managed to prevent the creation of specially crafted USB devices. At the moment, there is no information about a newer version that contains a fix for this vulnerability.