CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-10124

NCR SelfServ ATMs running APTRA XFS 05.01.00 do not encrypt, authenticate, or verify the integrity of messages between the BNA and the host computer, which could allow an attacker with physical access to the internal components of the ATM to execute arbitrary code, including code that enables the attacker to commit deposit forgery.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.027

EPSS Ranking 85.0%

CVSS Severity

CVSS v3 Score 7.1

CVSS v2 Score 4.4

References

https://kb.cert.org/vuls/id/815655
https://www.ncr.com/content/dam/ncrcom/content-type/documents/NCR_Security_Alert-2018-13_APTRA_XFS_
https://kb.cert.org/vuls/id/815655
https://www.ncr.com/content/dam/ncrcom/content-type/documents/NCR_Security_Alert-2018-13_APTRA_XFS_

Products affected by CVE-2020-10124

Ncr » Selfserv Atm » Version: N/A

cpe:2.3:h:ncr:selfserv_atm:-
Ncr » Aptra Xfs » Version: 05.01.00

cpe:2.3:o:ncr:aptra_xfs:05.01.00

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10124

Products

Pricing

Contact Us