CVE-2018-5717

HIGH

NCR S2 Dispenser <0x0108 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Memory write mechanism in NCR S2 Dispenser controller before firmware version 0x0108 allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities.

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0125
EPSS Percentile 65.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-787
Status published
Products (1)
ncr/s2_dispenser_controller_firmware < 0x0108
Published Mar 20, 2018
Tracked Since Feb 18, 2026