Products

Solutions

Company

Book A Live Demo

CVE-2020-9063 : Security Advisory and Response

Learn about CVE-2020-9063 affecting NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier, allowing attackers to execute arbitrary code with SYSTEM privileges. Find mitigation steps and preventive measures here.

NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier are vulnerable to a buffer overflow attack, allowing an attacker to execute arbitrary code with SYSTEM privileges.

Understanding CVE-2020-9063

NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier are susceptible to unauthorized code execution due to a lack of USB HID communication integrity.

What is CVE-2020-9063?

This CVE describes a vulnerability in NCR SelfServ ATMs that enables attackers with physical access to inject malicious payloads and execute arbitrary code on the host computer.

The Impact of CVE-2020-9063

The vulnerability allows attackers to exploit USB HID communications between the currency dispenser and the host computer, leading to unauthorized code execution with SYSTEM privileges.

Technical Details of CVE-2020-9063

NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier are affected by a critical security flaw.

Vulnerability Description

The vulnerability arises from the lack of authentication and integrity protection in USB HID communications, enabling attackers to perform a buffer overflow attack.

Affected Systems and Versions

Product: SelfServ ATM

Vendor: NCR

Versions Affected: APTRA XFS 05.01.00 and earlier

Exploitation Mechanism

Attackers with physical access to internal ATM components can inject malicious payloads, causing a buffer overflow on the host and executing arbitrary code with SYSTEM privileges.

Mitigation and Prevention

Immediate action is crucial to mitigate the risks posed by CVE-2020-9063.

Immediate Steps to Take

Update to the latest version of APTRA XFS to patch the vulnerability.

Implement physical security measures to restrict unauthorized access to ATM components.

Monitor ATM systems for any suspicious activities.

Long-Term Security Practices

Regularly update and patch ATM software to address security vulnerabilities.

Conduct security training for ATM operators to enhance awareness of potential threats.

Patching and Updates

Apply security patches provided by NCR promptly to address the vulnerability and enhance system security.

CVE-2020-9063 : Security Advisory and Response

Understanding CVE-2020-9063

What is CVE-2020-9063?

The Impact of CVE-2020-9063

Technical Details of CVE-2020-9063

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CVE-2020-9063 : Security Advisory and Response

.css-lczsrn{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:24px;font-weight:700;margin-top:1rem;font-family:sans-serif;}Understanding CVE-2020-9063

.css-ru2q5j{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:1.2rem;font-weight:700;margin-top:1rem;margin-bottom:0rem;font-family:sans-serif;}What is CVE-2020-9063?

The Impact of CVE-2020-9063

Technical Details of CVE-2020-9063

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities? Find Out Now

Understanding CVE-2020-9063

What is CVE-2020-9063?

Is your System Free of Underlying Vulnerabilities?
Find Out Now