CVE-2018-5717
First published: Tue Mar 20 2018(Updated: )
Memory write mechanism in NCR S2 Dispenser controller before firmware version 0x0108 allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NCR S2 Dispenser Controller | <0x0108 | |
| NCR S2 Dispenser Controller Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2018-5717?
CVE-2018-5717 is classified as a critical vulnerability due to its potential impact on device integrity.
How do I fix CVE-2018-5717?
To fix CVE-2018-5717, upgrade the NCR S2 Dispenser controller firmware to version 0x0108 or higher.
Who is affected by CVE-2018-5717?
CVE-2018-5717 affects NCR S2 Dispenser controllers running firmware versions prior to 0x0108.
What are the risks associated with CVE-2018-5717?
The risks include unauthorized firmware upgrades or downgrades, potentially exposing the device to known vulnerabilities.
Is authentication required to exploit CVE-2018-5717?
No, CVE-2018-5717 can be exploited by unauthenticated users.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ncr
- canonical/ncr s2 dispenser controller
- canonical/ncr s2 dispenser controller firmware