Vulnerability Details CVE-2020-28044
An attacker with physical access to a PAX Point Of Sale device with ProlinOS through 2.4.161.8859R can boot it in management mode, enable the XCB service, and then list, read, create, and overwrite files with MAINAPP permissions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.4%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 7.2