Assigner | mitre |
Reserved | 2023-02-27 |
Published | 2023-04-14 |
Updated | 2024-06-11 |
Description
PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot process. NOTE: the vendor disputes this because the attack is not feasible: the home launcher will be loaded before any user applications.
References
https://drive.google.com/drive/u/0/folders/14X-XTYhkiaIVBS3zf68VigG4-imbKEuV
https://docs.google.com/document/d/189b1494s8RF8ksaOijKhKb-3B8gj3pLUmgn0dqg-jqs/edit