{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T15:31:28.143","vulnerabilities":[{"cve":{"id":"CVE-2023-29063","sourceIdentifier":"cybersecurity@bd.com","published":"2023-11-28T21:15:07.613","lastModified":"2024-11-21T07:56:29.133","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. A threat actor can then isolate sensitive information such as a BitLocker encryption key from a dump of the workstation RAM during startup."},{"lang":"es","value":"La estación de trabajo FACSChorus no impide el acceso físico a sus ranuras PCI express (PCIe), lo que podría permitir que un actor de amenazas inserte una tarjeta PCI diseñada para la captura de memoria. Luego, un actor de amenazas puede aislar información confidencial, como una clave de cifrado BitLocker, de un volcado de la RAM de la estación de trabajo durante el inicio."}],"metrics":{"cvssMetricV31":[{"source":"cybersecurity@bd.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":2.4,"baseSeverity":"LOW","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":2.4,"baseSeverity":"LOW","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":1.4}]},"weaknesses":[{"source":"cybersecurity@bd.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1299"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bd:facschorus:5.0:*:*:*:*:*:*:*","matchCriteriaId":"4D5E0D4F-559B-414E-A627-0BA0937BD7F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:bd:facschorus:5.1:*:*:*:*:*:*:*","matchCriteriaId":"57F63FB2-2AE2-4B5F-8B49-4A0A4549CF3E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hp:hp_z2_tower_g9:-:*:*:*:*:*:*:*","matchCriteriaId":"54279DE4-A2A4-4AA6-A05F-931094446F16"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bd:facschorus:3.0:*:*:*:*:*:*:*","matchCriteriaId":"2785D17E-800C-4772-A131-5737E9446C01"},{"vulnerable":true,"criteria":"cpe:2.3:a:bd:facschorus:3.1:*:*:*:*:*:*:*","matchCriteriaId":"30FD1DE4-982F-4D14-BB8A-478F8430BC63"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hp:hp_z2_tower_g5:-:*:*:*:*:*:*:*","matchCriteriaId":"7E9BA28D-9C14-435A-9786-222BE58A9258"}]}]}],"references":[{"url":"https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software","source":"cybersecurity@bd.com","tags":["Vendor Advisory"]},{"url":"https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}