CVE-2023-24064

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Aug 8, 2024

Updated: Aug 19, 2024

Summary

CVE-2023-24064 is a vulnerability affecting Diebold Nixdorf's Vynamic Security Suite (VSS) prior to version 3.3.0 SR4. The issue lies in the Pre-Boot Authorization (PBA) process, where the VSS fails to validate the /etc/initab file. An attacker with physical access to the system can manipulate the contents of the hard disk to exploit this vulnerability. This could potentially lead to unauthorized access during the system boot process. System administrators are advised to update the VSS software to the latest version to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xNfOKH
https://www.cve.org/CVERecord?id=CVE-2023-24064
https://nvd.nist.gov/vuln/detail/CVE-2023-24064

Back to Vulnerability Database

CVE-2023-24064

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations