CVE-2023-29060

The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat actor with physical access to the workstation could gain access to system information and potentially exfiltrate data.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:bd:facschorus:5.0:*:*:*:*:*:*:*
cpe:2.3:a:bd:facschorus:5.1:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_z2_tower_g9:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:bd:facschorus:3.0:*:*:*:*:*:*:*
cpe:2.3:a:bd:facschorus:3.1:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_z2_tower_g5:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:56

Type Values Removed Values Added
References () https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software - Mitigation, Vendor Advisory () https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software - Mitigation, Vendor Advisory
CVSS v2 : unknown
v3 : 5.7
v2 : unknown
v3 : 5.4

05 Dec 2023, 14:44

Type Values Removed Values Added
CPE cpe:2.3:o:bd:facschorus:5.0:*:*:*:*:*:*:*
cpe:2.3:o:bd:facschorus:5.1:*:*:*:*:*:*:*
cpe:2.3:o:bd:facschorus:3.1:*:*:*:*:*:*:*
cpe:2.3:o:bd:facschorus:3.0:*:*:*:*:*:*:*
cpe:2.3:a:bd:facschorus:3.1:*:*:*:*:*:*:*
cpe:2.3:a:bd:facschorus:5.0:*:*:*:*:*:*:*
cpe:2.3:a:bd:facschorus:5.1:*:*:*:*:*:*:*
cpe:2.3:a:bd:facschorus:3.0:*:*:*:*:*:*:*

04 Dec 2023, 19:20

Type Values Removed Values Added
First Time Hp hp Z2 Tower G5
Bd facschorus
Bd
Hp hp Z2 Tower G9
Hp
CWE CWE-306
CPE cpe:2.3:h:hp:hp_z2_tower_g5:-:*:*:*:*:*:*:*
cpe:2.3:o:bd:facschorus:5.0:*:*:*:*:*:*:*
cpe:2.3:o:bd:facschorus:5.1:*:*:*:*:*:*:*
cpe:2.3:o:bd:facschorus:3.0:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_z2_tower_g9:-:*:*:*:*:*:*:*
cpe:2.3:o:bd:facschorus:3.1:*:*:*:*:*:*:*
References () https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software - () https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software - Mitigation, Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.7

28 Nov 2023, 21:15

Type Values Removed Values Added
Summary The FACSChorusâ„¢ workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat actor with physical access to the workstation could gain access to system information and potentially exfiltrate data. The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat actor with physical access to the workstation could gain access to system information and potentially exfiltrate data.

28 Nov 2023, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-28 20:15

Updated : 2024-11-21 07:56


NVD link : CVE-2023-29060

Mitre link : CVE-2023-29060

CVE.ORG link : CVE-2023-29060


JSON object : View

Products Affected

hp

  • hp_z2_tower_g9
  • hp_z2_tower_g5

bd

  • facschorus
CWE
CWE-1299

Missing Protection Mechanism for Alternate Hardware Interface

CWE-306

Missing Authentication for Critical Function