Vulnerability Details CVE-2024-46917
Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR01 does not validate file attributes or the contents of /root during integrity validation. This allows code execution, recovery of TPM Disk Encryption keys, decryption of the Windows system partition, and full control of the Windows OS, e.g., through ~/.profile changes.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.4%
CVSS Severity
CVSS v3 Score 8.1
References
Products affected by CVE-2024-46917
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:-
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:3.3.0sr10
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:3.3.0sr12
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:3.3.0sr15
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:3.3.0sr16
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:3.3.0sr17
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:3.3.0sr4
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.0.0
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.0.0sr04
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.0.0sr05
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.0.0sr06
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.0.0sr07
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.1.0
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.1.0sr02
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.1.0sr03
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.1.0sr04
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.2.0
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.2.0sr01
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.2.0sr02
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.2.0sr03
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.2.0sr04
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.3.0
-
cpe:2.3:a:dieboldnixdorf:vynamic_security_suite:4.3.0sr01