Multiple vulnerabilities in BD FACSChorus
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2023-29060 CVE-2023-29061 CVE-2023-29062 CVE-2023-29063 CVE-2023-29064 CVE-2023-29065 CVE-2023-29066 |
| CWE-ID | CWE-1299 CWE-306 CWE-287 CWE-798 CWE-277 CWE-266 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
FACSChorus Server applications / Other server solutions |
| Vendor | Becton, Dickinson and Company (BD) |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Missing Protection Mechanism for Alternate Hardware Interface
EUVDB-ID: #VU83564
Risk: Low
CVSSv3.1: 5 [CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-29060
CWE-ID:
CWE-1299 - Missing Protection Mechanism for Alternate Hardware Interface
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the respective workstation operating system does not restrict what devices can interact with its USB ports. An authenticated attacker with physical access can gain access to system information and potentially exfiltrate data.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFACSChorus: 3.0 - 5.1
External linkshttp://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software
http://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-331-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Missing Authentication for Critical Function
EUVDB-ID: #VU83567
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-29061
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to bypass authentication process.
The vulnerability exists due to missing BIOS password. An attacker with physical access can access the BIOS configuration and modify the drive boot order and BIOS pre-boot authentication.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFACSChorus: 3.0 - 5.1
External linkshttp://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software
http://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-331-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper Authentication
EUVDB-ID: #VU83568
Risk: Low
CVSSv3.1: 3.5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-29062
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error when processing authentication requests. A remote attacker on the local network can perform a brute-force attack, crack the hashes and gain access to sensitive information.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFACSChorus: 3.0 - 5.1
External linkshttp://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software
http://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-331-01
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Missing Protection Mechanism for Alternate Hardware Interface
EUVDB-ID: #VU83569
Risk: Low
CVSSv3.1: 2.2 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-29063
CWE-ID:
CWE-1299 - Missing Protection Mechanism for Alternate Hardware Interface
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the workstation does not prevent physical access to its PCI express (PCIe) slots. An attacker with physical access can insert a PCI card designed for memory capture and isolate sensitive information such as a BitLocker encryption key from a dump of the workstation RAM during startup.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFACSChorus: 3.0 - 5.1
External linkshttp://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software
http://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-331-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use of hard-coded credentials
EUVDB-ID: #VU83570
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-29064
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain access to sensitive information.
The vulnerability exists due to the software contains sensitive information stored in plaintext. An authenticated attacker with physical access can gain hardcoded secrets used by the application
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFACSChorus: 5.0 - 5.1
External linkshttp://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software
http://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-331-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Insecure Inherited Permissions
EUVDB-ID: #VU83571
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-29065
CWE-ID:
CWE-277 - Insecure inherited permissions
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the affected software database can be accessed directly with the privileges of the currently logged-in user. An authenticated attacker with physical access can gain credentials, which could be used to alter or destroy data stored in the database.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFACSChorus: 5.0 - 5.1
External linkshttp://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software
http://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-331-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Incorrect Privilege Assignment
EUVDB-ID: #VU83572
Risk: Low
CVSSv3.1: 3 [CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-29066
CWE-ID:
CWE-266 - Incorrect Privilege Assignment
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to compromise the target system.
The vulnerability exists due to the affected software does not properly assign data access privileges for operating system user accounts. An authenticated attacker with physical access can modify information stored in the local application data folders.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsFACSChorus: 5.0 - 5.1
External linkshttp://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software
http://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-331-01
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
