Vulnerabilities > Dieboldnixdorf

DATE CVE VULNERABILITY TITLE RISK
2024-08-08 CVE-2023-24062 Unspecified vulnerability in Dieboldnixdorf Vynamic Security Suite
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR12, 4.0.0 SR04, 4.1.0 SR02, and 4.2.0 SR01 fails to validate the directory structure of the root file system during the Pre-Boot Authorization (PBA) process.
low complexity
dieboldnixdorf
6.8
2024-08-08 CVE-2023-24063 Improper Validation of Integrity Check Value vulnerability in Dieboldnixdorf Vynamic Security Suite
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR10 fails to validate /etc/mtab during the Pre-Boot Authorization (PBA) process.
low complexity
dieboldnixdorf CWE-354
6.8
2024-08-08 CVE-2023-24064 Unspecified vulnerability in Dieboldnixdorf Vynamic Security Suite
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR4 fails to validate /etc/initab during the Pre-Boot Authorization (PBA) process.
low complexity
dieboldnixdorf
6.8
2024-08-08 CVE-2023-28865 Insufficient Verification of Data Authenticity vulnerability in Dieboldnixdorf Vynamic Security Suite
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR15, 4.0.0 SR05, 4.1.0 SR03, and 4.2.0 SR02 fails to validate the directory contents of certain directories (e.g., ensuring the expected hash sum) during the Pre-Boot Authorization (PBA) process.
low complexity
dieboldnixdorf CWE-345
6.6
2024-08-08 CVE-2023-33206 Improper Validation of Integrity Check Value vulnerability in Dieboldnixdorf Vynamic Security Suite
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0 SR03, and 4.3.0 SR01 fails to validate symlinks during the Pre-Boot Authorization (PBA) process.
low complexity
dieboldnixdorf CWE-354
6.8
2024-08-08 CVE-2023-40261 Improper Initialization vulnerability in Dieboldnixdorf Vynamic Security Suite
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR17, 4.0.0 SR07, 4.1.0 SR04, 4.2.0 SR04, and 4.3.0 SR02 fails to validate file attributes during the Pre-Boot Authorization (PBA) process.
low complexity
dieboldnixdorf CWE-665
6.8
2023-09-11 CVE-2020-19559 Deserialization of Untrusted Data vulnerability in Dieboldnixdorf Agilis XFS for Opteva 4.1.61.1
An issue in Diebold Aglis XFS for Opteva v.4.1.61.1 allows a remote attacker to execute arbitrary code via a crafted payload to the ResolveMethod() parameter.
network
low complexity
dieboldnixdorf CWE-502
critical
9.8
2023-08-08 CVE-2023-36344 Uncontrolled Search Path Element vulnerability in Dieboldnixdorf Vynamic View
An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature.
local
low complexity
dieboldnixdorf CWE-427
7.8
2020-08-21 CVE-2020-9062 Missing Authentication for Critical Function vulnerability in Dieboldnixdorf Probase 1.1.30
Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 do not encrypt, authenticate, or verify the integrity of messages between the CCDM and the host computer, allowing an attacker with physical access to internal ATM components to commit deposit forgery by intercepting and modifying messages to the host computer, such as the amount and value of currency being deposited.
local
low complexity
dieboldnixdorf CWE-306
2.1