CVE-2023-29060

MEDIUM Year: 2023
CVSS v3 Score
5.7
Medium
Weakness Type
CWE-1299
View all →

Vulnerability Description

The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat actor with physical access to the workstation could gain access to system information and potentially exfiltrate data.

Related Vulnerabilities

CVE-2022-43557

MEDIUM
CVSS:5.3(Medium)

The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be abl...

CWE-12992022

CVE-2021-3788

MEDIUM
CVSS:6.8(Medium)

An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker with physical access unauthorized access to the device.

CWE-12992021

CVE-2024-47944

MEDIUM
CVSS:6.8(Medium)

The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the firmware upgr...

CWE-12992024

CVE-2024-39723

MEDIUM
CVSS:4.6(Medium)

IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user with physical access to the system could use the USB port to cause loss of access to data. ...

CWE-12992024

CVE-2025-1073

HIGH
CVSS:7.5(High)

Panasonic IR Control Hub (IR Blaster) versions 1.17 and earlier may allow an attacker with physical access to load unauthorized firmware onto the device.

CWE-12992025

CVE-2025-1073

HIGH
CVSS:7.5(High)

Panasonic IR Control Hub (IR Blaster) versions 1.17 and earlier may allow an attacker with physical access to load unauthorized firmware onto the device.

CWE-12992025