From 5ffe704713d1b37850f3de9c280572e5832475b7 Mon Sep 17 00:00:00 2001
From: Madison Oliver
Date: Fri, 21 Aug 2020 16:27:52 -0400
Subject: [PATCH] VU#221785, VU#815655, and VU#116713
---
 2020/10xxx/CVE-2020-10123.json | 80 +++++++++++++++++++++++++++++---
 2020/10xxx/CVE-2020-10124.json | 84 +++++++++++++++++++++++++++++++---
 2020/10xxx/CVE-2020-10125.json | 73 ++++++++++++++++++++++++++---
 2020/10xxx/CVE-2020-10126.json | 68 ++++++++++++++++++++++++---
 2020/9xxx/CVE-2020-9062.json | 80 +++++++++++++++++++++++++++++---
 2020/9xxx/CVE-2020-9063.json | 80 +++++++++++++++++++++++++++++---
 6 files changed, 429 insertions(+), 36 deletions(-)
diff --git a/2020/10xxx/CVE-2020-10123.json b/2020/10xxx/CVE-2020-10123.json
index 0890de4fcc4..448ea8b8b57 100644
--- a/2020/10xxx/CVE-2020-10123.json
+++ b/2020/10xxx/CVE-2020-10123.json
@@ -1,18 +1,86 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "cert@cert.org",
+ "DATE_PUBLIC": "2020-08-20T16:34:00.000Z",
 "ID": "CVE-2020-10123",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "SelfServ ATM",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "APTRA XFS ",
+ "version_value": "05.01.00"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "NCR"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The currency dispenser of NCR SelfSev ATMs running APTRA XFS 05.01.00 or earlier does not adequately authenticate session key generation requests from the host computer, allowing an attacker with physical access to internal ATM components to issue valid commands to dispense currency by generating a new session key that the attacker knows. 
"
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-305 Authentication Bypass by Primary Weakness"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CERT-VN",
+ "url": "https://kb.cert.org/vuls/id/116713"
+ },
+ {
+ "refsource": "MISC",
+ "url": "https://www.ncr.com/content/dam/ncrcom/content-type/documents/NCR_Security_Alert-2018-10-S1_and_S2_Critical_Update.pdf"
+ },
+ {
+ "refsource": "MISC",
+ "url": "https://www.ncr.com/content/dam/ncrcom/unsorted/jackpot_attacks_in_the_us_-_january_2018.pdf"
+ },
+ {
+ "refsource": "MISC",
+ "url": "https://www.ncr.com/content/dam/ncrcom/content-type/documents/NCR_Security_Alert-2018-13_APTRA_XFS_v5.pdf"
+ },
+ {
+ "refsource": "MISC",
+ "url": "https://www.ncr.com/content/dam/ncrcom/content-type/documents/NCR_Secure_white_paper-Dispenser_Security_Solution_September_2018.pdf"
+ }
+ ]
+ },
+ "source": {
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2020/10xxx/CVE-2020-10124.json b/2020/10xxx/CVE-2020-10124.json
index 1fa165e76c8..0d9e201807a 100644
--- a/2020/10xxx/CVE-2020-10124.json
+++ b/2020/10xxx/CVE-2020-10124.json
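Review bot: The new description in CVE-2020-10123.json spells the product `NCR SelfSev ATMs` while `product_name` is `SelfServ ATM`, and the value ends with trailing whitespace and a line break before the closing quote. Suggest `NCR SelfServ ATMs` and ending the string at `...session key that the attacker knows."`, so that keyword searches on the product name find this record. `"version_name": "APTRA XFS "` also carries a trailing space, here and in the CVE-2020-10124, CVE-2020-10125, CVE-2020-10126 and CVE-2020-9063 hunks; tooling that matches the affects data exactly will not equate it with `APTRA XFS`, so trim it to `"APTRA XFS"`.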
@@ -1,18 +1,90 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "cert@cert.org",
+ "DATE_PUBLIC": "2020-08-20T16:34:00.000Z",
 "ID": "CVE-2020-10124",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "SelfServ ATM",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_name": "APTRA XFS ",
+ "version_value": "05.01.00"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "NCR"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "NCR SelfServ ATMs running APTRA XFS 05.01.00 do not encrypt, authenticate, or verify the integrity of messages between the BNA and the host computer, which could allow an attacker with physical access to the internal components of the ATM to execute arbitrary code, including code that enables the attacker to commit deposit forgery."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-353 Missing Support for Integrity Check"
+ }
+ ]
+ },
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-306 Missing Authentication for Critical Function"
+ }
+ ]
+ },
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-311 Missing Encryption of Sensitive Data"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CERT-VN",
+ "url": "https://kb.cert.org/vuls/id/815655"
+ },
+ {
+ "refsource": "MISC",
+ "url": "https://www.ncr.com/content/dam/ncrcom/content-type/documents/NCR_Security_Alert-2018-13_APTRA_XFS_"
+ }
+ ]
+ },
+ "source": {
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2020/10xxx/CVE-2020-10125.json b/2020/10xxx/CVE-2020-10125.json
index ebafaec900b..d0a1778f421 100644
--- a/2020/10xxx/CVE-2020-10125.json
+++ b/2020/10xxx/CVE-2020-10125.json
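Review bot: The NCR reference added in CVE-2020-10124.json, `https://www.ncr.com/content/dam/ncrcom/content-type/documents/NCR_Security_Alert-2018-13_APTRA_XFS_`, looks truncated: the CVE-2020-10123 and CVE-2020-9063 hunks cite what appears to be the same alert as `.../NCR_Security_Alert-2018-13_APTRA_XFS_v5.pdf`. The same cut-off URL is added in the CVE-2020-10125 and CVE-2020-10126 hunks. As written, readers of these three records probably cannot reach the vendor advisory that carries the remediation guidance, so use the full `..._v5.pdf` URL after confirming it resolves.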
@@ -1,18 +1,79 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "cert@cert.org",
+ "DATE_PUBLIC": "2020-08-20T16:34:00.000Z",
 "ID": "CVE-2020-10125",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "SelfServ ATM",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_name": "APTRA XFS ",
+ "version_value": "04.02.01"
+ },
+ {
+ "version_affected": "=",
+ "version_name": "APTRA XFS ",
+ "version_value": "05.01.00"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "NCR"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 512-bit RSA certificates to validate bunch note acceptor (BNA) software updates, which can be broken by an attacker with physical access in a sufficiently short period of time, thereby enabling the attacker to sign arbitrary files and CAB archives used to update BNA software, as well as bypass application whitelisting, resulting in the ability to execute arbitrary code."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-326 Inadequate Encryption Strength"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CERT-VN",
+ "url": "https://kb.cert.org/vuls/id/815655"
+ },
+ {
+ "refsource": "MISC",
+ "url": "https://www.ncr.com/content/dam/ncrcom/content-type/documents/NCR_Security_Alert-2018-13_APTRA_XFS_"
+ }
+ ]
+ },
+ "source": {
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2020/10xxx/CVE-2020-10126.json b/2020/10xxx/CVE-2020-10126.json
index 1e5283b8779..d9dc0ef65a7 100644
--- a/2020/10xxx/CVE-2020-10126.json
+++ b/2020/10xxx/CVE-2020-10126.json
@@ -1,18 +1,74 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "cert@cert.org",
+ "DATE_PUBLIC": "2020-08-20T16:34:00.000Z",
 "ID": "CVE-2020-10126",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "SelfServ ATM",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_name": "APTRA XFS ",
+ "version_value": "05.01.00"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "NCR"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the bunch note acceptor (BNA), enabling an attacker with physical access to internal ATM components to restart the host computer and execute arbitrary code with SYSTEM privileges because while booting, the update process looks for CAB archives on removable media and executes a specific file without first validating the signature of the CAB archive. 
"
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-305 Authentication Bypass by Primary Weakness"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CERT-VN",
+ "url": "https://kb.cert.org/vuls/id/815655"
+ },
+ {
+ "refsource": "CONFIRM",
+ "url": "https://www.ncr.com/content/dam/ncrcom/content-type/documents/NCR_Security_Alert-2018-13_APTRA_XFS_"
+ }
+ ]
+ },
+ "source": {
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2020/9xxx/CVE-2020-9062.json b/2020/9xxx/CVE-2020-9062.json
index ae32787d52b..2e6eff80aeb 100644
--- a/2020/9xxx/CVE-2020-9062.json
+++ b/2020/9xxx/CVE-2020-9062.json
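Review bot: `problemtype` in CVE-2020-10126.json is `CWE-305 Authentication Bypass by Primary Weakness`, but the description is about a file from a CAB archive being executed without the archive's signature being validated, which CWE-347 (Improper Verification of Cryptographic Signature) describes more directly; consider replacing or adding it so CWE-based triage classifies the record as an update-integrity flaw. The description also has the typo `softare updates` and, like CVE-2020-10123, ends with whitespace and a line break inside the string. The NCR alert is tagged `"refsource": "CONFIRM"` here but `MISC` in the CVE-2020-10124 and CVE-2020-10125 hunks for the same URL; pick one tag for all three.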
@@ -1,18 +1,86 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "cert@cert.org",
+ "DATE_PUBLIC": "2020-08-20T16:34:00.000Z",
 "ID": "CVE-2020-9062",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "ProCash 2100xe USB ATM",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_name": "Wincor Probase",
+ "version_value": "1.1.30"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Diebold Nixdorf"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 do not encrypt, authenticate, or verify the integrity of messages between the CCDM and the host computer, allowing an attacker with physical access to internal ATM components to commit deposit forgery by intercepting and modifying messages to the host computer, such as the amount and value of currency being deposited."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-353 Missing Support for Integrity Check"
+ }
+ ]
+ },
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-306 Missing Authentication for Critical Function"
+ }
+ ]
+ },
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-311 Missing Encryption of Sensitive Data"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CERT-VN",
+ "url": "https://kb.cert.org/vuls/id/221785"
+ }
+ ]
+ },
+ "source": {
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2020/9xxx/CVE-2020-9063.json b/2020/9xxx/CVE-2020-9063.json
index 8389db6d243..56e3ccc69fe 100644
--- a/2020/9xxx/CVE-2020-9063.json
+++ b/2020/9xxx/CVE-2020-9063.json
@@ -1,18 +1,86 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "cert@cert.org",
+ "DATE_PUBLIC": "2020-08-20T16:34:00.000Z",
 "ID": "CVE-2020-9063",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "SelfServ ATM",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "APTRA XFS ",
+ "version_value": "05.01.00"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "NCR"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier do not authenticate or protect the integrity of USB HID communications between the currency dispenser and the host computer, permitting an attacker with physical access to internal ATM components the ability to inject a malicious payload and execute arbitrary code with SYSTEM privileges on the host computer by causing a buffer overflow on the host."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-120 Buffer Overflow"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "CERT-VN",
+ "url": "https://kb.cert.org/vuls/id/116713"
+ },
+ {
+ "refsource": "MISC",
+ "url": "https://www.ncr.com/content/dam/ncrcom/content-type/documents/NCR_Security_Alert-2018-10-S1_and_S2_Critical_Update.pdf"
+ },
+ {
+ "refsource": "MISC",
+ "url": "https://www.ncr.com/content/dam/ncrcom/unsorted/jackpot_attacks_in_the_us_-_january_2018.pdf"
+ },
+ {
+ "refsource": "MISC",
+ "url": "https://www.ncr.com/content/dam/ncrcom/content-type/documents/NCR_Security_Alert-2018-13_APTRA_XFS_v5.pdf"
+ },
+ {
+ "refsource": "MISC",
+ "url": "https://www.ncr.com/content/dam/ncrcom/content-type/documents/NCR_Secure_white_paper-Dispenser_Security_Solution_September_2018.pdf"
+ }
+ ]
+ },
+ "source": {
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
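Review bot: `problemtype` in CVE-2020-9063.json lists only `CWE-120 Buffer Overflow`, although the description gives the unauthenticated, integrity-unprotected USB HID channel between the dispenser and the host as the condition that exposes the overflow. The CVE-2020-10124 and CVE-2020-9062 hunks record that kind of weakness as `CWE-306 Missing Authentication for Critical Function` and `CWE-353 Missing Support for Integrity Check`; adding those entries here would keep CWE-based filtering consistent across this advisory set. Whether both apply should be confirmed against VU#116713 before the record is changed.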