Iagona’s ScrutisWeb ATM fleet monitoring software contains four security flaws that might be used to remotely access ATMs, upload arbitrary files, or even reboot the terminals.
Following a customer engagement, the Synack Red Team (SRT) identified the flaws. Version 2.1.38 of ScrutisWeb has the problems fixed.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) stated in an alert released last month that “successful exploitation of these vulnerabilities could allow an attacker to upload and execute arbitrary files read more Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.