← voltar
CVE-2023-42133

CVE-2023-42133

CVSS 6.7 MEDIUMEPSS 0.2%CWE-276
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.7EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
11 out 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
PAX Android based POS devices allow for escalation of privilege via improperly configured scripts. An attacker must have shell access with system account privileges in order to exploit this vulnerability. A patch addressing this issue was included in firmware version PayDroid_8.1.0_Sagittarius_V11.1.61_20240226.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
PAX · POS terminals

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://blog.stmcyber.com/pax-pos-cves-2023/https://cert.pl/en/posts/2024/10/CVE-2023-42133https://cert.pl/posts/2024/10/CVE-2023-42133https://ppn.paxengine.com/release/development?