CVE-2023-29062

Unsecure Identity Verification

CVSS 3.8 LOW | EPSS 0.3% | CWE-287
In short

The operating system hosting the FACSChorus application can be tricked into sending user password hashes to a malicious device on the local network. An attacker could then try to crack those hashes offline if the password is weak. This only affects computers that are joined to a company domain.

Technical detail

The OS hosting FACSChorus improperly validates resource identity, allowing LLMNR/mDNS/NBNS spoofing attacks that trigger transmission of NTLMv2 hashes to attacker-controlled network endpoints. Successful exploitation requires local network position and weak password entropy; impact is limited to domain-joined systems where offline brute-force attacks on captured hashes become feasible.

Summary generated and translated by AI from the official description.

The Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials upon user action without adequately validating the identity of the requested resource. This is possible through the use of LLMNR, NBT-NS, or MDNS and will result in NTLMv2 hashes being sent to a malicious entity positioned on the local network. These hashes can subsequently be attacked through brute force and cracked if a weak password is used. This attack would only apply to domain-joined systems.

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
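To check whether a Windows host still has the fallback name-resolution protocols named above switched on, a read-only audit such as the following can be run in PowerShell. It is an added example, not part of the official advisory or the vendor's guidance; the registry locations are the standard Windows settings for LLMNR, mDNS and NetBIOS over TCP/IP and are assumptions in the sense that the page does not list them.

```powershell
# Added example: read-only audit of LLMNR, mDNS and NBT-NS settings on this host.
# A missing value means the Windows default applies, which leaves the protocol enabled.
function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

function New-Finding {
    param([string]$Protocol, [string]$Scope, $Value, [bool]$Disabled)
    [pscustomobject]@{ Protocol = $Protocol; Scope = $Scope; Value = $Value; Disabled = $Disabled }
}

$findings = @()

# LLMNR: the "Turn off multicast name resolution" policy sets EnableMulticast = 0.
$v = Get-RegValue 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient' 'EnableMulticast'
$findings += New-Finding 'LLMNR' 'host' $v ($v -eq 0)

# mDNS: the Windows DNS client stops using mDNS when EnableMDNS = 0.
$v = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters' 'EnableMDNS'
$findings += New-Finding 'mDNS' 'host' $v ($v -eq 0)

# NBT-NS: set per interface; NetbiosOptions 0 = follow DHCP, 1 = enabled, 2 = disabled.
$nbtRoot = 'HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces'
foreach ($key in Get-ChildItem -Path $nbtRoot -ErrorAction SilentlyContinue) {
    $v = Get-RegValue $key.PSPath 'NetbiosOptions'
    $findings += New-Finding 'NBT-NS' $key.PSChildName $v ($v -eq 2)
}

# The advisory limits the issue to domain-joined systems, so report that as well.
$domainJoined = (Get-CimInstance -ClassName Win32_ComputerSystem).PartOfDomain

$findings | Format-Table -AutoSize
$enabled = @($findings | Where-Object { -not $_.Disabled })
"Domain joined: $domainJoined; fallback protocols still enabled: $($enabled.Count)"
```

A row with `Disabled = False` on a domain-joined host means that protocol can still answer a failed name lookup, which is the condition the description relies on.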
