Risk Summary
Successful exploitation of these vulnerabilities could allow an attacker with physical access to the device to modify system configurations, obtain access to sensitive information, or access components of the system.
CVEs (7)
Remediations
- Vulnerabilities associated with the BD FACSChorus software and workstations will be addressed in an upcoming release. This bulletin will be updated when more information is available. Check back periodically for updates.
- BD recommends the following mitigations and compensating controls to reduce risk associated with these vulnerabilities. The following recommendations apply to all vulnerabilities listed in this bulletin:
- Ensure physical access controls are in place and only authorized end-users have access to the BD FACSChorus Software and respective workstation.
- If the BD FACSChorus workstation is connected to the local network, ensure industry standard network security policies and procedures are followed.
- Administrative access to the FACSChorus software and workstation should be strictly controlled by the customer in collaboration with their local IT security policy.
- The vulnerabilities impact the BD FACSChorus v5.0, v5.1, v3.0, and v3.1and their workstations. None of the vulnerabilities above impact the operation or instrument functionality of the BD FACSDiscover S8 Cell Sorter or the BD FACSMelody Cell Sorter.
- For additional information, refer to BD's Security Bulletin.
Affected Vendors
Becton, Dickinson and Company (BD)
Affected Products (2)
Becton, Dickinson and Company (BD)
·
BD FACSChorus (HP Z2 G9 workstation, shipped with FACSDiscover S8 Cell Sorter)
5.0|5.1
Becton, Dickinson and Company (BD)
·
BD FACSChorus (HP Z2 G5 workstation, shipped with FACSMelody Cell Sorter)
3.0|3.1
Affected Sectors
Healthcare and Public Health
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more