📦

pax_a930

Vendor: paxtechnology

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 0.05% Exploit Prob.

Latest CVE CVE-2023-27199 Jul 05

Security Vulnerability Index

Page 1 / 1

6.7 CVSS

CVE-2023-27199

PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks.

EPSS: 0.01%

Severity: MEDIUM

Jul 05, 2023

6.8 CVSS

CVE-2023-27198

RCE

PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability.

EPSS: 0.10%

Severity: MEDIUM

Jul 05, 2023

6.7 CVSS

CVE-2023-27197

PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability.

EPSS: 0.03%

Severity: MEDIUM

Jul 05, 2023

Displaying 3 of 3 Total Entries

Total 1 Sections