The place-of-sale (PoS) terminals from PAX Technology are impacted by a collection of large-severity vulnerabilities that can be weaponized by menace actors to execute arbitrary code.
The STM Cyber R&D group, which reverse engineered the Android-based products produced by the Chinese agency owing to their immediate deployment in Poland, stated it unearthed 50 percent a dozen flaws that enable for privilege escalation and area code execution from the bootloader.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
Details about a person of the vulnerabilities (CVE-2023-42133) have been presently withheld. The other flaws are shown underneath –
- CVE-2023-42134 & CVE-2023-42135 (CVSS rating: 7.6) – Neighborhood code execution as root through kernel parameter injection in fastboot (Impacts PAX A920Pro/PAX A50)
- CVE-2023-42136 (CVSS rating: 8.8) – Privilege escalation from any consumer/application to process consumer through shell injection binder-uncovered company (Impacts All Android-based PAX PoS equipment)
- CVE-2023-42137 (CVSS rating: 8.8) – Privilege escalation from program/shell person to root by using insecure functions in systool_server daemon (Impacts All Android-primarily based PAX PoS products)
- CVE-2023-4818 (CVSS rating: 7.3) – Bootloader downgrade by way of improper tokenization (Impacts PAX A920)
Effective exploitation of the aforementioned weaknesses could allow an attacker to elevate their privileges to root and bypass sandboxing protections, correctly getting carte blanche entry to carry out any procedure.
This features interfering with the payment functions to “modify knowledge the service provider software sends to the [Secure Processor], which consists of transaction volume,” security scientists Adam Kliś and Hubert Jasudowicz stated.
It really is truly worth mentioning that exploiting CVE-2023-42136 and CVE-2023-42137 calls for an attacker to have shell accessibility to the system, when the remaining a few necessitate that the risk actor has bodily USB entry to it.
The Warsaw-primarily based penetration testing enterprise reported it responsibly disclosed the flaws to PAX Technology in early May 2023, subsequent which patches ended up launched by the latter in November 2023.
Identified this post intriguing? Stick to us on Twitter and LinkedIn to browse far more exclusive information we article.
Some areas of this report are sourced from:
thehackernews.com