CVE-2024-46917

Sažetak

Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR01 does not validate file attributes or the contents of /root during integrity validation. This allows code execution, recovery of TPM Disk Encryption keys, decryption of the Windows system partition, and full control of the Windows OS, e.g., through ~/.profile changes.

Reference

https://github.com/emptynebuli
https://www.atredis.com/blog/2025/8/26/24nrgne4dqbwjxyip7txn8ep6zj057
https://www.dieboldnixdorf.com/en-us/banking/portfolio/software/security/

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

29-08-2025 - 16:24

Objavljeno

29-08-2025 - 16:15