A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations.
The vulnerability classified as CWE-284 (improper access control) allows an unauthenticated attacker to remotely manipulate NCR Terminal Handler application settings. Through this flaw, it is possible to execute arbitrary system commands, including modification of the operating system security audit configuration. The lack of appropriate permission verification mechanisms means that the attack does not require any user interaction.
An attacker can execute arbitrary commands on the system, modify security audit configuration, and potentially gain full control over the confidentiality, integrity, and availability of the system.
Apply patches available from the vendor according to the references. It is also recommended to restrict network access to the NCR Terminal Handler management interface using a firewall or network segmentation until the patch is deployed.
NCR Terminal Handler v1.5.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HNcr Terminal Handler
APPNcr1.5.1
Related vulnerabilities
CSV Injection w NCR Terminal Handler umożliwia wykonanie dowolnych poleceń
RCE i wyciek danych w NCR Terminal Handler przez komponent UserService
RCE w NCR Terminal Handler via SOAP API — nieuwierzytelniony dostęp zdalny
NCR Terminal Handler – privilege escalation przez SOAP API
RCE w NCR Terminal Handler v.1.5.1 przez SOAP API