Описание
PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot process. NOTE: the vendor disputes this because the attack is not feasible: the home launcher will be loaded before any user applications.
Ссылки
- Mailing ListThird Party Advisory
- Exploit
- Broken Link
- Mailing ListThird Party Advisory
- Exploit
- Broken Link
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:pax:paydroid:8.1:*:*:*:*:*:*:*
cpe:2.3:h:pax:a920_pro:-:*:*:*:*:*:*:*
EPSS
Процентиль: 1%
0.00013
Низкий
7 High
CVSS3
Дефекты
CWE-362
Связанные уязвимости
CVSS3: 7
github
почти 3 года назад
PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot process.
EPSS
Процентиль: 1%
0.00013
Низкий
7 High
CVSS3
Дефекты
CWE-362