CVE-2025-5555
HIGHNixdorf Wincor PORT IO Driver <3.0.0.1 - Buffer Overflow
Title source: llmDescription
A vulnerability has been found in Nixdorf Wincor PORT IO Driver up to 1.0.0.1. This affects the function sub_11100 in the library wnport.sys of the component IOCTL Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.0.1 is able to mitigate this issue. Upgrading the affected component is recommended. The vendor was contacted beforehand and was able to provide a patch very early.
References (5)
Core 5
Core References
Permissions Required, VDB Entry vdb-entry
technical-description
https://vuldb.com/?id.329013
Permissions Required, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.329013
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.604823
Various Sources broken-link
exploit
https://b.iakb.org/2025/06/26/Wincor-Nixdorf-PORT-IO-Driver-Buffer-Overflow/
Various Sources patch
https://download.dieboldnixdorf.com/
Scores
CVSS v3
7.8
EPSS
0.0021
EPSS Percentile
11.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-119
CWE-121
Status
published
Products (3)
Nixdorf Wincor/PORT IO Driver
1.0.0.0
Nixdorf Wincor/PORT IO Driver
1.0.0.1
Nixdorf Wincor/PORT IO Driver
3.0.0.1
Published
Oct 18, 2025
Tracked Since
Feb 18, 2026