THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2023-26980

Assignermitre
Reserved2023-02-27
Published2023-04-14
Updated2024-06-11

Description

PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot process. NOTE: the vendor disputes this because the attack is not feasible: the home launcher will be loaded before any user applications.

References

https://drive.google.com/drive/u/0/folders/14X-XTYhkiaIVBS3zf68VigG4-imbKEuV

https://uploads.strikinglycdn.com/files/f1d54bf4-3803-480c-b4d3-0943f7dac76e/A920_EN_20200605.pdf?id=237392

https://docs.google.com/document/d/189b1494s8RF8ksaOijKhKb-3B8gj3pLUmgn0dqg-jqs/edit

cve.org CVE-2023-26980

nvd.nist.gov CVE-2023-26980

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-26980
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
© Copyright 2024 THREATINT. Made in Cyprus with +