Vulnerability of improper checking for unusual or exceptional conditions
in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,
the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary commands as an unprivileged user.
References
Link | Resource |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines | Third Party Advisory |
Configurations
History
08 Feb 2024, 16:39
Type | Values Removed | Values Added |
---|---|---|
First Time |
Lamassu douro Ii Firmware
Lamassu douro Lamassu douro Ii Lamassu douro Firmware Lamassu |
|
CPE | cpe:2.3:h:lamassu:douro:-:*:*:*:*:*:*:* cpe:2.3:o:lamassu:douro_firmware:7.1:*:*:*:*:*:*:* cpe:2.3:o:lamassu:douro_ii_firmware:7.1:*:*:*:*:*:*:* cpe:2.3:h:lamassu:douro_ii:-:*:*:*:*:*:*:* |
|
References | () https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
30 Jan 2024, 14:18
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-30 13:15
Updated : 2024-02-08 16:39
NVD link : CVE-2024-0675
Mitre link : CVE-2024-0675
CVE.ORG link : CVE-2024-0675
JSON object : View
Products Affected
lamassu
- douro_firmware
- douro_ii
- douro_ii_firmware
- douro
CWE
CWE-754
Improper Check for Unusual or Exceptional Conditions