CVE-2023-24064

Name of the Vulnerable Software and Affected Versions Diebold Nixdorf Vynamic Security Suite (VSS) versions prior to 3.3.0 SR4

Description The issue arises from the failure to validate /etc/initab during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.

Recommendations For versions prior to 3.3.0 SR4, update to version 3.3.0 SR4 or later to resolve the issue. As a temporary workaround, consider restricting physical access to the system's hard disk to minimize the risk of exploitation.