CVE-2020-9062
Last modified
CVE-2020-9062 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 do not encrypt, authenticate, or verify the integrity of messages between the CCDM and the host computer, allowing an attacker with physical access to internal ATM components to commit deposit forgery by intercepting and modifying messages to the host computer, such as the amount and value of currency being deposited.. EPSS estimates a 0.17% chance of exploitation in the next 30 days.
Description
Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 do not encrypt, authenticate, or verify the integrity of messages between the CCDM and the host computer, allowing an attacker with physical access to internal ATM components to commit deposit forgery by intercepting and modifying messages to the host computer, such as the amount and value of currency being deposited.
Metrics
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dieboldnixdorf | Probase | 1.1.30 |
References
- https://kb.cert.org/vuls/id/221785Third Party Advisory, US Government Resource
- https://kb.cert.org/vuls/id/221785Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-9062?
How severe is CVE-2020-9062?
How do I fix CVE-2020-9062?
Are you affected by CVE-2020-9062?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST