CVE-2024-0675

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Jan 30, 2024
Updated: Feb 8, 2024
CWE ID 754

Summary

CVE-2024-0675 is a vulnerability affecting Lamassu Bitcoin ATM Douro machines in version 7.1. This issue arises due to insufficient validation of unusual conditions. A successful exploit allows an attacker with physical access to the ATM to bypass kiosk mode and gain access to the Xwindow interface, enabling them to execute unprivileged commands. This vulnerability poses a potential risk for unauthorized access and system manipulation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share