6.8
CVE-2023-24062
- EPSS 0.38%
- Veröffentlicht 08.08.2024 18:15:09
- Zuletzt bearbeitet 18.03.2025 19:15:41
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginDiebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR12, 4.0.0 SR04, 4.1.0 SR02, and 4.2.0 SR01 fails to validate the directory structure of the root file system during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dieboldnixdorf ≫ Vynamic Security Suite Version < 3.3.0sr12
Dieboldnixdorf ≫ Vynamic Security Suite Version >= 4.0.0 < 4.0.0sr04
Dieboldnixdorf ≫ Vynamic Security Suite Version >= 4.1.0 < 4.1.0sr02
Dieboldnixdorf ≫ Vynamic Security Suite Version >= 4.2.0 < 4.2.0sr01
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.591 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.8 | 0.9 | 5.9 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.