CVE-2024-46916
CVE-2024-46916 is a high-severity vulnerability rated 8.1/10 on the CVSS scale. Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before the filesystem is properly mounted (e.g., leveraging a delete call in /etc/rc.d/init.d/mountfs to remove the /etc/fstab file). This can allow code execution and, in some versions, enable recovery of TPM Disk Encryption keys and decryption of the Windows system partition. EPSS estimates a 0.34% chance of exploitation in the next 30 days.
Description
Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before the filesystem is properly mounted (e.g., leveraging a delete call in /etc/rc.d/init.d/mountfs to remove the /etc/fstab file). This can allow code execution and, in some versions, enable recovery of TPM Disk Encryption keys and decryption of the Windows system partition.
Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Diebold Nixdorf | Vynamic Security Suite | <= 4.3.0 SR06 |
References
- https://github.com/emptynebuli (Not Applicable)
- https://www.atredis.com/blog/2025/8/26/24nrgne4dqbwjxyip7txn8ep6zj057 (Exploit, Third Party Advisory)
Timeline
- Published
- Last Modified
- Status: Analyzed
Source: NVD / NIST
