CVE-2023-29063
Lack of DMA Access Protections
In short
The FACSChorus workstation doesn't protect its PCI card slots from physical access, allowing someone to insert a device that captures memory and steal sensitive data like encryption keys.
Technical detail
The vulnerability results from insufficient DMA (Direct Memory Access) protections on PCIe slots, enabling an unauthenticated threat actor with physical access to insert a malicious PCI card that reads workstation RAM and extracts sensitive cryptographic material (e.g., BitLocker keys) during system startup, before IOMMU or SMMU protections are enforced.
Summary generated and translated by AI from the official description.
The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. A threat actor can then isolate sensitive information such as a BitLocker encryption key from a dump of the workstation RAM during startup.
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
Becton, Dickinson and Company (BD) · FACSChorusWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →