THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2023-26980

Reserved:2023-02-27
Published:2023-04-14
Updated:2024-06-11

Description

PAX Technology PAX A920 Pro PayDroid 8.1suffers from a Race Condition vulnerability, which allows attackers to bypass the payment software and force the OS to boot directly to Android during the boot process. NOTE: the vendor disputes this because the attack is not feasible: the home launcher will be loaded before any user applications.

References

https://drive.google.com/drive/u/0/folders/14X-XTYhkiaIVBS3zf68VigG4-imbKEuV

https://uploads.strikinglycdn.com/files/f1d54bf4-3803-480c-b4d3-0943f7dac76e/A920_EN_20200605.pdf?id=237392

https://docs.google.com/document/d/189b1494s8RF8ksaOijKhKb-3B8gj3pLUmgn0dqg-jqs/edit

cve.org CVE-2023-26980

nvd.nist.gov CVE-2023-26980

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-26980