CVE-2020-9062
N/A
N/A
Summary
Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 do not encrypt, authenticate, or verify the integrity of messages between the CCDM and the host computer, allowing an attacker with physical access to internal ATM components to commit deposit forgery by intercepting and modifying messages to the host computer, such as the amount and value of currency being deposited.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Diebold Nixdorf | ProCash 2100xe USB ATM | Wincor Probase 1.1.30 | affected |
Weaknesses
- CWE-353: CWE-353 Missing Support for Integrity Check
- CWE-306: CWE-306 Missing Authentication for Critical Function
- CWE-311: CWE-311 Missing Encryption of Sensitive Data
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.