CVE-2023-40261

MEDIUM Year: 2023
CVSS v3 Score
4.6
Medium
Weakness Type
CWE-665
View all →

Vulnerability Description

Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR17, 4.0.0 SR07, 4.1.0 SR04, 4.2.0 SR04, and 4.3.0 SR02 fails to validate file attributes during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk.

Related Vulnerabilities

CVE-2020-35508

MEDIUM
CVSS:4.5(Medium)

A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local ...

CWE-6652020

CVE-2017-14159

MEDIUM
CVSS:4.7(Medium)

slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root...

CWE-6652017

CVE-2018-0745

MEDIUM
CVSS:4.7(Medium)

The Windows kernel in Windows 10 version 1703. Windows 10 version 1709, and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are handled in memory, ak...

CWE-6652018

CVE-2018-0746

MEDIUM
CVSS:4.7(Medium)

The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclos...

CWE-6652018

CVE-2018-0810

MEDIUM
CVSS:4.7(Medium)

The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka "Windows Kernel In...

CWE-6652018

CVE-2018-0897

MEDIUM
CVSS:4.7(Medium)

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 ...

CWE-6652018