CVE-2023-36344

HIGH

Diebold Nixdorf Vynamic View Console <5.3.1 - Code Injection

Title source: llm

Description

An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature.

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry

https://packetstormsecurity.com/files/173990/Diebold-Nixdorf-Vynamic-View-Console-5.3.1-DLL-Hijacking.html

Vendor Advisory

https://www.dieboldnixdorf.com/en-us/banking/portfolio/software/view/

Scores

CVSS v3 7.8

EPSS 0.0040

EPSS Percentile 31.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-427

Status published

Products (1)

dieboldnixdorf/vynamic_view < 5.3.1

Published Aug 08, 2023

Tracked Since Feb 18, 2026