CVE-2025-61429

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions NCR Atleos Terminal Manager (ConfigApp) version 3.4.0

Description An issue in NCR Atleos Terminal Manager (ConfigApp) version 3.4.0 allows attackers to escalate privileges via a crafted request. Exploiting this vulnerability allows a crafted request to escalate privileges, granting an attacker elevated access rights. The attack requires low privileges and no user interaction.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2025-61429

Affected Products

Ncr Atleos Terminal Manager

CVE-2025-61429

Weakness Enumeration

Related Identifiers

Affected Products

References · 5