Vulnerabilities > Norwegian AIR

DATE CVE VULNERABILITY TITLE RISK
2017-02-09 CVE-2017-5634 Exposure of Resource to Wrong Sphere vulnerability in Norwegian-Air Norwegian AIR Kiosk
The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows physically proximate attackers to bypass the intended "Please select booking identification" UI step, and obtain administrative privileges and network access on the underlying Windows OS, by accessing a touch-screen print icon to manipulate the print dialog.
local
low complexity
norwegian-air CWE-668
7.2