The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code.
The STM Cyber R&D team, which reverse engineered the Android-based devices made by the Chinese company owing to their rapid deployment in Poland, said it unearthed half a dozen flaws that allow for privilege escalation and local code execution from the bootloader.
Details about one of the vulnerabilities (CVE-2023-42133) are currently being withheld. The other flaws are listed below:
- CVE-2023-42134 & CVE-2023-42135 (CVSS score: 7.6) – Local code execution as root via kernel parameter injection in fastboot (Impacts PAX A920Pro/PAX A50)
- CVE-2023-42136 (CVSS score: 8.8) – Privilege escalation from any user/application to system user via shell injection in a binder-exposed service (Impacts all Android-based PAX PoS devices)
- CVE-2023-42137 (CVSS score: 8.8) – Privilege escalation from system/shell user to root via insecure operations in the systool_server daemon (Impacts all Android-based PAX PoS devices)
- CVE-2023-4818 (CVSS score: 7.3) – Bootloader downgrade via improper tokenization (Impacts PAX A920)
Successful exploitation of the aforementioned weaknesses could allow an attacker to elevate their privileges to root and bypass sandboxing protections, effectively gaining carte blanche access to perform any operation.
This includes interfering with the payment operations to “modify details the service provider application sends to the [Secure Processor], which features transaction amount,” security researchers Adam Kliś and Hubert Jasudowicz said.
It is worth mentioning that exploiting CVE-2023-42136 and CVE-2023-42137 requires an attacker to have shell access to the device, while the remaining three require that the threat actor has physical USB access to it.
The Warsaw-based penetration testing company said it responsibly disclosed the flaws to PAX Technology in early May 2023, following which patches were released by the latter in November 2023.
Some parts of this article are sourced from:
thehackernews.com