CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations.
Analysis
CVE-2023-47297 is a critical settings manipulation vulnerability in NCR Terminal Handler v1.5.1 that allows unauthenticated remote attackers to execute arbitrary commands and modify system security auditing configurations. With a CVSS score of 9.8 and a network-accessible attack vector, it poses an immediate threat to NCR terminal deployments in retail and financial environments. Its presence in point-of-sale systems and payment terminals makes it particularly dangerous for organizations processing financial transactions.
Technical Context
NCR Terminal Handler is a core component of NCR's point-of-sale and terminal management infrastructure used across retail and financial services. The vulnerability stems from CWE-284 (Improper Access Control), specifically a failure to properly validate and authenticate settings modification requests. The affected software lacks sufficient access controls on administrative configuration endpoints, allowing attackers to manipulate security settings, including system auditing configurations, through network requests. The root cause appears to be insufficient input validation and missing authentication checks on settings manipulation APIs or configuration interfaces, which lets attackers bypass intended security boundaries and achieve command execution through configuration injection or direct code execution pathways.
Affected Products
NCR Terminal Handler v1.5.1 and potentially earlier versions. The product is used in multiple NCR point-of-sale and terminal management deployments. CPE likely includes: cpe:2.3:a:ncr:terminal_handler:1.5.1:*:*:*:*:*:*:*. Organizations using NCR payment terminals, self-checkout systems, and retail POS terminals are affected. NCR's customer base spans retail chains, financial institutions, hospitality venues, and convenience stores globally.
Remediation
Immediate actions:
(1) Update NCR Terminal Handler to version 1.5.2 or later if available; contact NCR directly for patch availability and timelines.
(2) Implement network segmentation isolating terminal handlers from untrusted networks; restrict access to terminal management interfaces to authorized administrative networks only.
(3) Deploy network-based access controls (WAF, IP whitelisting) on exposed terminal handler interfaces.
(4) Enable all available security logging and auditing features at the application and OS level, with centralized log collection to detect modification attempts.
(5) Implement integrity checking on system security configurations to alert on unauthorized changes.
(6) Monitor for suspicious configuration modification requests and arbitrary command execution attempts.
(7) Review NCR security advisories at ncr.com/security for official patch releases and comprehensive remediation guidance.
EUVD-2023-51424