Vulnerabilities > Dieboldnixdorf
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-08 | CVE-2023-24062 | Unspecified vulnerability in Dieboldnixdorf Vynamic Security Suite Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR12, 4.0.0 SR04, 4.1.0 SR02, and 4.2.0 SR01 fails to validate the directory structure of the root file system during the Pre-Boot Authorization (PBA) process. low complexity dieboldnixdorf | 6.8 |
| 2024-08-08 | CVE-2023-24063 | Improper Validation of Integrity Check Value vulnerability in Dieboldnixdorf Vynamic Security Suite Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR10 fails to validate /etc/mtab during the Pre-Boot Authorization (PBA) process. | 6.8 |
| 2024-08-08 | CVE-2023-24064 | Unspecified vulnerability in Dieboldnixdorf Vynamic Security Suite Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR4 fails to validate /etc/initab during the Pre-Boot Authorization (PBA) process. low complexity dieboldnixdorf | 6.8 |
| 2024-08-08 | CVE-2023-28865 | Insufficient Verification of Data Authenticity vulnerability in Dieboldnixdorf Vynamic Security Suite Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR15, 4.0.0 SR05, 4.1.0 SR03, and 4.2.0 SR02 fails to validate the directory contents of certain directories (e.g., ensuring the expected hash sum) during the Pre-Boot Authorization (PBA) process. | 6.6 |
| 2024-08-08 | CVE-2023-33206 | Improper Validation of Integrity Check Value vulnerability in Dieboldnixdorf Vynamic Security Suite Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0 SR03, and 4.3.0 SR01 fails to validate symlinks during the Pre-Boot Authorization (PBA) process. | 6.8 |
| 2024-08-08 | CVE-2023-40261 | Improper Initialization vulnerability in Dieboldnixdorf Vynamic Security Suite Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR17, 4.0.0 SR07, 4.1.0 SR04, 4.2.0 SR04, and 4.3.0 SR02 fails to validate file attributes during the Pre-Boot Authorization (PBA) process. | 6.8 |
| 2023-09-11 | CVE-2020-19559 | Deserialization of Untrusted Data vulnerability in Dieboldnixdorf Agilis XFS for Opteva 4.1.61.1 An issue in Diebold Aglis XFS for Opteva v.4.1.61.1 allows a remote attacker to execute arbitrary code via a crafted payload to the ResolveMethod() parameter. | 9.8 |
| 2023-08-08 | CVE-2023-36344 | Uncontrolled Search Path Element vulnerability in Dieboldnixdorf Vynamic View 5.3.1 An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature. | 7.8 |
| 2020-08-21 | CVE-2020-9062 | Missing Encryption of Sensitive Data vulnerability in Dieboldnixdorf Probase 1.1.30 Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 do not encrypt, authenticate, or verify the integrity of messages between the CCDM and the host computer, allowing an attacker with physical access to internal ATM components to commit deposit forgery by intercepting and modifying messages to the host computer, such as the amount and value of currency being deposited. | 5.3 |