CVE-2024-0675

by Fred · 30/01/2024

Vulnerability of improper checking for unusual or exceptional conditions

in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,

the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary commands as an unprivileged user.

More information : https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines

Attack vector : PHYSICAL
Attack complexity : LOW
Privileges required : NONE
User interaction : NONE
Confidentiality impact : HIGH
Integrity impact : HIGH
Base score : 6.8
Base severity : MEDIUM
Exploitability score : 0.9
Impact score : 5.9

CVE-2024-0675

Similar

Recent Posts

Categories

CVE-2024-0675

Share this:

Similar

Recent Posts

Categories

Tags