Vulnerabilities in ATMs allowed illegal cash withdrawals

Vulnerabilities in ATMs allowed illegal cash withdrawals

ATM manufacturers Diebold Nixdorf and NCR have eliminated a number of vulnerabilities in their products, which provided the ability to execute arbitrary code with or without SYSTEM-level rights, as well as carry out illegal cash withdrawals using special commands.

A similar vulnerability (CVE-2020-10124) was discovered at NCR SelfServ ATMs using APTRA XFS software 04.02.01 and 05.01.00. As in the case described above, the software does not encrypt, authenticate or check the integrity of messages between the bill acceptor (BNA) and the computer.



Two more vulnerabilities (CVE-2020-10125 and CVE-2020-10126) relate to incorrect implementation of certificates for checking for BNA updates and incorrect checking for updates for BNA, which allowed code to be executed on a host with or without system privileges.

To exploit the vulnerabilities, an attacker needs physical access to the internal components of the ATM.

At the end of July, Diebold Nixdorf announced a new type of black box attacks on ATMs, in which attackers used a copy of the ATM’s firmware to interact with the device.



Taken from: https://www.securitylab.ru/news/511375.php

ORIGINAL PAGE – Go to open the original article


48 Views

0 0 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments


Do NOT follow this link or you will be banned from the site!
0
Would love your thoughts, please comment.x
()
x

Spelling error report

The following text will be sent to our editors: