PT-2024-15738 · Lamassu · Lamassu Bitcoin Atm Douro

Gabriel González

Published

2024-01-30

Updated

2024-02-08

CVE-2024-0674

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Lamassu Bitcoin ATM Douro version 7.1

Description A privilege escalation issue exists, allowing a local user to gain root permissions by modifying the updatescript.js and creating a done.txt file. This causes the watchdog process to run as root, executing the payload stored in the updatescript.js.

Recommendations For version 7.1, consider restricting access to the updatescript.js file and the watchdog process to prevent exploitation until a patch is available. As a temporary workaround, avoid using the updatescript.js file for updates and monitor the system for any suspicious activity related to the watchdog process.

Fix

Improper Privilege Management

Improper Preservation of Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269CWE-281

Related Identifiers

CVE-2024-0674

Affected Products

Lamassu Bitcoin Atm Douro

PT-2024-15738 · Lamassu · Lamassu Bitcoin Atm Douro

CVE-2024-0674

Weakness Enumeration

Related Identifiers

Affected Products

References · 5