The FACSChorus software does not properly assign data access privileges for operating system user accounts. A non-administrative O

The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with

The FACSChorus software contains sensitive information stored in plaintext. A threat actor could gain hardcoded secrets used by th

The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to i

The Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials upon user a

There is no BIOS password on the FACSChorus workstation. A threat actor with physical access to the workstation can potentially ex

The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat