CVE-2023-24062
Last modified
CVE-2023-24062 is a medium-severity vulnerability rated 6.8/10 on the CVSS scale. Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR12, 4.0.0 SR04, 4.1.0 SR02, and 4.2.0 SR01 fails to validate the directory structure of the root file system during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.. EPSS estimates a 0.41% chance of exploitation in the next 30 days.
Description
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR12, 4.0.0 SR04, 4.1.0 SR02, and 4.2.0 SR01 fails to validate the directory structure of the root file system during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.
Metrics
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dieboldnixdorf | Vynamic Security Suite | < 3.3.0sr12 |
| Dieboldnixdorf | Vynamic Security Suite | >= 4.0.0, < 4.0.0sr04 |
| Dieboldnixdorf | Vynamic Security Suite | >= 4.1.0, < 4.1.0sr02 |
| Dieboldnixdorf | Vynamic Security Suite | >= 4.2.0, < 4.2.0sr01 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-24062?
How severe is CVE-2023-24062?
How do I fix CVE-2023-24062?
Are you affected by CVE-2023-24062?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST