PT-2020-11947 · Ncr · Aptra Xfs+1

Published: 2020-08-21 · Updated: 2025-11-04 · CVE-2020-10125

CVSS v3.1: 7.6 (High)

Vector: AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

NCR SelfServ ATMs running APTRA XFS versions 04.02.01 through 05.01.00

Description

The issue concerns the use of 512-bit RSA certificates in NCR SelfServ ATMs running APTRA XFS to validate software updates for the bunch note acceptor (BNA). An attacker with physical access can break these certificates in a short period, allowing them to sign arbitrary files and CAB archives used for BNA software updates. This enables the bypassing of application whitelisting, resulting in the ability to execute arbitrary code.

Recommendations

For versions 04.02.01 through 05.01.00, consider upgrading to a version that implements stronger encryption methods to validate BNA software updates, thereby preventing the exploitation of weak 512-bit RSA certificates. As a temporary workaround, restrict physical access to the ATMs to minimize the risk of exploitation.
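A defensive check that follows from the description above, as an added example that is not NCR's code or part of the original advisory: it reads the RSA modulus size out of a DER-encoded SubjectPublicKeyInfo so undersized update-signing keys can be flagged during an audit. The function names, the 2048-bit floor and the sample keys (fixed bit patterns, not real keys) are assumptions made for illustration.

```python
# Added example (not vendor code): RSA modulus size of a DER SubjectPublicKeyInfo.
RSA_OID = bytes.fromhex("2a864886f70d010101")  # rsaEncryption 1.2.840.113549.1.1.1
MIN_BITS = 2048  # assumed policy floor; the advisory only says 512 bits is too weak

def read_tlv(buf, off=0):
    """Return (tag, value, next_offset) for the DER element starting at off."""
    tag, first = buf[off], buf[off + 1]
    off += 2
    if first & 0x80:  # long-form length: low 7 bits give the number of length bytes
        n = first & 0x7F
        length = int.from_bytes(buf[off:off + n], "big")
        off += n
    else:
        length = first
    if off + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[off:off + length], off + length

def rsa_modulus_bits(spki):
    """Bit length of the RSA modulus inside a SubjectPublicKeyInfo blob."""
    _, body, _ = read_tlv(spki)               # outer SEQUENCE
    _, alg, off = read_tlv(body)              # AlgorithmIdentifier
    tag, oid, _ = read_tlv(alg)
    if tag != 0x06 or oid != RSA_OID:
        raise ValueError("not an RSA public key")
    tag, bitstr, _ = read_tlv(body, off)      # BIT STRING wrapping RSAPublicKey
    if tag != 0x03 or bitstr[:1] != b"\x00":
        raise ValueError("unexpected subjectPublicKey encoding")
    _, rsa_key, _ = read_tlv(bitstr, 1)       # SEQUENCE { modulus, exponent }
    _, modulus, _ = read_tlv(rsa_key)
    return int.from_bytes(modulus, "big").bit_length()

def audit(spki):
    """Return (bits, acceptable) so callers can flag undersized signing keys."""
    bits = rsa_modulus_bits(spki)
    return bits, bits >= MIN_BITS

def der(tag, value):  # minimal DER encoder, used only to build the constructed samples
    n = len(value)
    head = bytes([n]) if n < 0x80 else (
        bytes([0x80 | (n.bit_length() + 7) // 8]) + n.to_bytes((n.bit_length() + 7) // 8, "big"))
    return bytes([tag]) + head + value

def sample_spki(bits):
    """Constructed input: fixed bit pattern as 'modulus', not a real key."""
    mod = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")  # leading 0x00
    rsa = der(0x30, der(0x02, mod) + der(0x02, b"\x01\x00\x01"))
    alg = der(0x30, der(0x06, RSA_OID) + der(0x05, b""))
    return der(0x30, alg + der(0x03, b"\x00" + rsa))
```

Calling `audit(sample_spki(512))` reports a 512-bit key as unacceptable, which is the condition this advisory describes.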

Fix

Inadequate Encryption Strength

Weakness Enumeration

Related Identifiers

CVE-2020-10125

Affected Products

Aptra Xfs
Ncr Selfserv Atms