Independent researcher Matt Burch disclosed vulnerabilities in Diebold Nixdorf's ATM security solution, Vynamic Security Suite (VSS), during the Defcon security conference. The findings showed potential for attackers to circumvent hard drive encryption and gain full control over the machines if the patches are not applied, posing significant risks of financial data breach and unauthorized cash withdrawals. The unencrypted Linux partition used in the dual-boot configuration of the ATMs exacerbated the issue, allowing the exploitation path. Although Diebold has patched the issues, Burch suggested that patches might not be consistently deployed across all ATMs.
Source: https://www.wired.com/story/vss-atm-vulnerabilities-defcon-2024/
"id": "die000081024",
"linkid": "diebold",
"type": "Vulnerability",
"date": "8/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"