CVE-2024-37364

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Jun 6, 2024

Updated: Jul 3, 2024

CWE ID 269

Summary

CVE-2024-37364 is a vulnerability affecting the Ariane Allegro Scenario Player up to the version used prior to March 5, 2024, in kiosk mode. When this mode is activated, attackers who are physically proximate to the system can exploit the flaw to gain sensitive information, including PII from hotel invoices. Moreover, they could potentially create unauthorized room keys by manipulating the guest-search function and accessing the underlying Windows OS.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wUlHpU
https://www.cve.org/CVERecord?id=CVE-2024-37364
https://nvd.nist.gov/vuln/detail/CVE-2024-37364

Back to Vulnerability Database

CVE-2024-37364

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations