← volver
CVE-2023-42133

CVE-2023-42133

CVSS 6.7 MEDIUMEPSS 0.2%CWE-276
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.7EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
11 oct 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
PAX Android based POS devices allow for escalation of privilege via improperly configured scripts. An attacker must have shell access with system account privileges in order to exploit this vulnerability. A patch addressing this issue was included in firmware version PayDroid_8.1.0_Sagittarius_V11.1.61_20240226.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Productos afectados
PAX · POS terminals

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://blog.stmcyber.com/pax-pos-cves-2023/https://cert.pl/en/posts/2024/10/CVE-2023-42133https://cert.pl/posts/2024/10/CVE-2023-42133https://ppn.paxengine.com/release/development?