CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-0675

Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary commands as an unprivileged user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.8%

CVSS Severity

CVSS v3 Score 6.3

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines

Products affected by CVE-2024-0675

Lamassu » Douro » Version: N/A

cpe:2.3:h:lamassu:douro:-
Lamassu » Douro Ii » Version: N/A

cpe:2.3:h:lamassu:douro_ii:-
Lamassu » Douro Firmware » Version: 7.1

cpe:2.3:o:lamassu:douro_firmware:7.1
Lamassu » Douro Ii Firmware » Version: 7.1

cpe:2.3:o:lamassu:douro_ii_firmware:7.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-0675

Products

Pricing

Contact Us