Bonfee1

**Name of the Vulnerable Software and Affected Versions** mPOS fiserve trustlet versions prior to SMR May-2023 Release 1 **Description** The issue is related to improper input validation, allowing local attackers to execute arbitrary code. This can be exploited by attackers to gain unauthorized access and control. **Recommendations** For versions prior to SMR May-2023 Release 1, update to SMR May-2023 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting local access to the mPOS fiserve trustlet to minimize the risk of exploitation.