Vulnerabilities > CVE-2017-5634 - Exposure of Resource to Wrong Sphere vulnerability in Norwegian-Air Norwegian AIR Kiosk
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows physically proximate attackers to bypass the intended "Please select booking identification" UI step, and obtain administrative privileges and network access on the underlying Windows OS, by accessing a touch-screen print icon to manipulate the print dialog.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |