Skip to main content

Aptra Xfs

5 CVEs product

Monthly

CVE-2020-9063 HIGH POC This Week

NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier do not authenticate or protect the integrity of USB HID communications between the currency dispenser and the host computer, permitting an. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Aptra Xfs
NVD
CVSS 3.1
7.6
EPSS
0.7%
CVE-2020-10126 HIGH This Week

NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the bunch note acceptor (BNA), enabling an attacker with physical access to internal ATM components to. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Aptra Xfs
NVD
CVSS 3.1
7.6
EPSS
0.3%
CVE-2020-10125 HIGH This Week

NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 512-bit RSA certificates to validate bunch note acceptor (BNA) software updates, which can be broken by an attacker with physical. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Aptra Xfs
NVD
CVSS 3.1
7.6
EPSS
0.2%
CVE-2020-10124 HIGH This Week

NCR SelfServ ATMs running APTRA XFS 05.01.00 do not encrypt, authenticate, or verify the integrity of messages between the BNA and the host computer, which could allow an attacker with physical. Rated high severity (CVSS 7.1), this vulnerability is no authentication required. No vendor patch available.

RCE Authentication Bypass Aptra Xfs
NVD
CVSS 3.1
7.1
EPSS
0.7%
CVE-2020-10123 MEDIUM POC This Month

The currency dispenser of NCR SelfSev ATMs running APTRA XFS 05.01.00 or earlier does not adequately authenticate session key generation requests from the host computer, allowing an attacker with. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Aptra Xfs
NVD
CVSS 3.1
5.3
EPSS
0.4%
EPSS 1% CVSS 7.6
HIGH POC This Week

NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier do not authenticate or protect the integrity of USB HID communications between the currency dispenser and the host computer, permitting an. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Aptra Xfs
NVD
EPSS 0% CVSS 7.6
HIGH This Week

NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the bunch note acceptor (BNA), enabling an attacker with physical access to internal ATM components to. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Aptra Xfs
NVD
EPSS 0% CVSS 7.6
HIGH This Week

NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 512-bit RSA certificates to validate bunch note acceptor (BNA) software updates, which can be broken by an attacker with physical. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Aptra Xfs
NVD
EPSS 1% CVSS 7.1
HIGH This Week

NCR SelfServ ATMs running APTRA XFS 05.01.00 do not encrypt, authenticate, or verify the integrity of messages between the BNA and the host computer, which could allow an attacker with physical. Rated high severity (CVSS 7.1), this vulnerability is no authentication required. No vendor patch available.

RCE Authentication Bypass Aptra Xfs
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

The currency dispenser of NCR SelfSev ATMs running APTRA XFS 05.01.00 or earlier does not adequately authenticate session key generation requests from the host computer, allowing an attacker with. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Aptra Xfs
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy