V3Ga

**Name of the Vulnerable Software and Affected Versions** FACSChorus workstation operating system (affected versions not specified) **Description** The issue concerns the lack of restriction on devices that can interact with the USB ports of the FACSChorus workstation operating system. This could allow a threat actor with physical access to the workstation to gain access to system information and potentially exfiltrate data. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FACSChorus workstation (affected versions not specified) **Description** The issue concerns the lack of a BIOS password on the FACSChorus workstation. This allows a threat actor with physical access to potentially exploit the issue and access the BIOS configuration. They can then modify the drive boot order and BIOS pre-boot authentication. **Recommendations** For the FACSChorus workstation, set a BIOS password to prevent unauthorized access to the BIOS configuration and modifications to the drive boot order and BIOS pre-boot authentication.

**Name of the Vulnerable Software and Affected Versions** Operating System (affected versions not specified) **Description** The issue arises when the Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials without properly validating the identity of the requested resource. This can occur through the use of LLMNR, MBT-NS, or MDNS, resulting in NTLMv2 hashes being sent to a malicious entity on the local network. These hashes can be attacked through brute force and cracked if a weak password is used. The attack is limited to domain-joined systems. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FACSChorus workstation (affected versions not specified) **Description** The issue concerns the lack of physical access prevention to the PCI express (PCIe) slots in the workstation. This could allow a threat actor to insert a PCI card designed for memory capture, enabling them to isolate sensitive information such as a BitLocker encryption key from a dump of the workstation RAM during startup. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.