CVE-2020-9062 Vulnerability Details

  /     /     /  

CVE-2020-9062 Metadata Quick Info

CVE Published: 21/08/2020 | CVE Updated: 16/09/2024 | CVE Year: 2020
Source: certcc | Vendor: Diebold Nixdorf | Product: ProCash 2100xe USB ATM
Status : PUBLISHED

CVE-2020-9062 Description

Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 do not encrypt, authenticate, or verify the integrity of messages between the CCDM and the host computer, allowing an attacker with physical access to internal ATM components to commit deposit forgery by intercepting and modifying messages to the host computer, such as the amount and value of currency being deposited.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-353
CWE Name: CWE-353 Missing Support for Integrity Check
Source: Diebold Nixdorf

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description: