Vulnerability of improper checking for unusual or exceptional conditions
in Lamassu Bitcoin ATM Douro machines, in its 7.1 version,
the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary commands as an unprivileged user.
References
Link | Resource |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines | Third Party Advisory |
Configurations
History
08 Feb 2024, 16:39
Type | Values Removed | Values Added |
---|---|---|
First Time |
Lamassu douro Ii
Lamassu douro Ii Firmware Lamassu Lamassu douro Firmware Lamassu douro |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
References | () https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines - Third Party Advisory | |
CPE | cpe:2.3:h:lamassu:douro:-:*:*:*:*:*:*:* cpe:2.3:o:lamassu:douro_ii_firmware:7.1:*:*:*:*:*:*:* cpe:2.3:h:lamassu:douro_ii:-:*:*:*:*:*:*:* cpe:2.3:o:lamassu:douro_firmware:7.1:*:*:*:*:*:*:* |
30 Jan 2024, 14:18
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-30 13:15
Updated : 2024-02-28 20:54
NVD link : CVE-2024-0675
Mitre link : CVE-2024-0675
CVE.ORG link : CVE-2024-0675
JSON object : View
Products Affected
lamassu
- douro_firmware
- douro_ii
- douro
- douro_ii_firmware
CWE
CWE-754
Improper Check for Unusual or Exceptional Conditions