ATM manufacturer Diebold Nixdorf is notifying customers about a remote code execution (RCE) vulnerability present in its older Opteva ATM models’ software.
The vulnerability was spotted by a team of security researchers known as NightSt0rm. In a blog on Medium, the team described an OS service in these ATMs that could be remotely exploited with reverse shells to deploy malicious payloads.
The big picture
In their blog, the researchers also provide successful exploit methods.
What actions have been taken?
After learning of this RCE vulnerability, Diebold Nixdorf is in the process of notifying all customers using older Opteva ATMs of the issue. In addition, its advising operators to update to the latest version(4.1.22) of the ATM software, as suggesting countermeasures.
“While all Opteva systems come equipped with a terminal-based firewall installed, from the information we have, the terminal based firewall of the system was most likely not active during the evaluation. We have not received any reports of this potential exposure being exploited outside of a test environment,” read a security alert released by Diebold Nixdorf, shared with ZDNet.