Описание
NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier do not authenticate or protect the integrity of USB HID communications between the currency dispenser and the host computer, permitting an attacker with physical access to internal ATM components the ability to inject a malicious payload and execute arbitrary code with SYSTEM privileges on the host computer by causing a buffer overflow on the host.
Ссылки
- Third Party AdvisoryUS Government Resource
- ExploitVendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
- ExploitVendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одновременно
EPSS
7.6 High
CVSS3
7.2 High
CVSS2
Дефекты
Связанные уязвимости
NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier do not authenticate or protect the integrity of USB HID communications between the currency dispenser and the host computer, permitting an attacker with physical access to internal ATM components the ability to inject a malicious payload and execute arbitrary code with SYSTEM privileges on the host computer by causing a buffer overflow on the host.
EPSS
7.6 High
CVSS3
7.2 High
CVSS2