Vulnerability of improper checking for unusual or exceptional conditions
in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,
the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary commands as an unprivileged user.
References
Link | Resource |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines | Third Party Advisory |
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines | Third Party Advisory |
Configurations
History
21 Nov 2024, 08:47
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.3 |
08 Feb 2024, 16:39
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines - Third Party Advisory | |
CPE | cpe:2.3:h:lamassu:douro:-:*:*:*:*:*:*:* cpe:2.3:o:lamassu:douro_ii_firmware:7.1:*:*:*:*:*:*:* cpe:2.3:h:lamassu:douro_ii:-:*:*:*:*:*:*:* cpe:2.3:o:lamassu:douro_firmware:7.1:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
First Time |
Lamassu douro Ii
Lamassu douro Ii Firmware Lamassu Lamassu douro Firmware Lamassu douro |
30 Jan 2024, 14:18
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-30 13:15
Updated : 2024-11-21 08:47
NVD link : CVE-2024-0675
Mitre link : CVE-2024-0675
CVE.ORG link : CVE-2024-0675
JSON object : View
Products Affected
lamassu
- douro
- douro_firmware
- douro_ii_firmware
- douro_ii
CWE
CWE-754
Improper Check for Unusual or Exceptional Conditions