Vulnerabilities > CVE-2017-5634 - Exposure of Resource to Wrong Sphere vulnerability in Norwegian-Air Norwegian AIR Kiosk
Attack vector
PHYSICAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows physically proximate attackers to bypass the intended "Please select booking identification" UI step, and obtain administrative privileges and network access on the underlying Windows OS, by accessing a touch-screen print icon to manipulate the print dialog.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |