Maxim Kozorez

**Name of the Vulnerable Software and Affected Versions** NCR SelfSev ATMs running APTRA XFS version 05.01.00 or earlier **Description** The issue concerns inadequate authentication of session key generation requests from the host computer in the currency dispenser of NCR SelfSev ATMs. This allows an attacker with physical access to internal ATM components to issue valid commands to dispense currency by generating a new session key that the attacker knows. **Recommendations** For NCR SelfSev ATMs running APTRA XFS version 05.01.00 or earlier, consider restricting physical access to internal ATM components to minimize the risk of exploitation. As a temporary workaround, review and enhance the authentication process for session key generation requests from the host computer until a more permanent fix is available.

**Name of the Vulnerable Software and Affected Versions** Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 **Description** The issue allows an attacker with physical access to internal ATM components to commit deposit forgery by intercepting and modifying messages to the host computer. This can include altering the amount and value of currency being deposited. The messages between the CCDM and the host computer are not encrypted, authenticated, or verified for integrity. **Recommendations** For Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30, consider implementing encryption, authentication, and integrity verification for messages between the CCDM and the host computer to prevent interception and modification. As a temporary workaround, restrict physical access to internal ATM components to minimize the risk of exploitation.