CVE-2024-0675

Improper checking for unusual or exceptional conditions vulnerability in Lamassu Bitcoin ATM Douro machines

CVSS 6.3 MEDIUMEPSS 0.2%CWE-754

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 6.3EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

30 ene 2024Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary commands as an unprivileged user.

CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Productos afectados

Lamassu · Bitcoin ATM Douro machines

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines