The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. A threat actor can then isolate sensitive information such as a BitLocker encryption key from a dump of the workstation RAM during startup.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NBd Facschorus
APPBd3.03.15.05.1HP Z2 Tower G5
HWHpwszystkie wersjeHP Z2 Tower G9
HWHpwszystkie wersje
Related vulnerabilities
The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. If...
There is no BIOS password on the FACSChorus workstation. A threat actor with physical access to the workstatio...
The FACSChorus software contains sensitive information stored in plaintext. A threat actor could gain hardcode...
The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user....
The Operating System hosting the FACSChorus application is configured to allow transmission of hashed user cre...