CVE-2023-29061 – Lack of Adequate BIOS Authentication
https://notcve.org/view.php?id=CVE-2023-29061
There is no BIOS password on the FACSChorus workstation. A threat actor with physical access to the workstation can potentially exploit this vulnerability to access the BIOS configuration and modify the drive boot order and BIOS pre-boot authentication. No existe una contraseña de BIOS en la estación de trabajo FACSChorus. Un actor de amenazas con acceso físico a la estación de trabajo puede explotar esta vulnerabilidad para acceder a la configuración del BIOS y modificar el orden de inicio de la unidad y la autenticación previa al inicio del BIOS. • https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software • CWE-306: Missing Authentication for Critical Function •
CVE-2023-29060 – Lack of USB Whitelisting
https://notcve.org/view.php?id=CVE-2023-29060
The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat actor with physical access to the workstation could gain access to system information and potentially exfiltrate data. El sistema operativo de la estación de trabajo FACSChorus no restringe qué dispositivos pueden interactuar con sus puertos USB. Si se explota, un actor de amenazas con acceso físico a la estación de trabajo podría obtener acceso a la información del sistema y potencialmente filtrar datos. • https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software • CWE-306: Missing Authentication for Critical Function CWE-1299: Missing Protection Mechanism for Alternate Hardware Interface •
CVE-2022-31643
https://notcve.org/view.php?id=CVE-2022-31643
A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing firmware updates to mitigate the potential vulnerability. • https://support.hp.com/us-en/document/ish_7013183-7013209-16/hpsbhf03812 •
CVE-2021-3809
https://notcve.org/view.php?id=CVE-2021-3809
Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities. • https://support.hp.com/us-en/document/ish_6184733-6184761-16/hpsbhf03788 •
CVE-2021-3808
https://notcve.org/view.php?id=CVE-2021-3808
Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities. • https://support.hp.com/us-en/document/ish_6184733-6184761-16/hpsbhf03788 •