Vulnerabilities > CVE-2024-0675 - Improper Check for Unusual or Exceptional Conditions vulnerability in Lamassu Douro Firmware and Douro II Firmware

047910
CVSS 6.8 - MEDIUM
Attack vector
PHYSICAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
low complexity
lamassu
CWE-754

Summary

Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary commands as an unprivileged user.

Vulnerable Configurations

Part Description Count
OS
Lamassu
2
Hardware
Lamassu
2