Vulnerabilities > PAX

DATE CVE VULNERABILITY TITLE RISK
2023-04-14 CVE-2023-26980 Race Condition vulnerability in PAX Paydroid 8.1
PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot process.
local
high complexity
pax CWE-362
7.0
2020-11-02 CVE-2020-28046 Improper Privilege Management vulnerability in PAX Prolinos 2.4.161.8859R
An issue was discovered in ProlinOS through 2.4.161.8859R.
local
low complexity
pax CWE-269
7.8
2020-11-02 CVE-2020-28045 Improper Verification of Cryptographic Signature vulnerability in PAX Prolinos 2.4.161.8859R
An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R.
local
low complexity
pax CWE-347
7.8
2020-11-02 CVE-2020-28044 Incorrect Default Permissions vulnerability in PAX Prolinos 2.4.161.8859R
An attacker with physical access to a PAX Point Of Sale device with ProlinOS through 2.4.161.8859R can boot it in management mode, enable the XCB service, and then list, read, create, and overwrite files with MAINAPP permissions.
low complexity
pax CWE-276
6.8