Remote ATM hacking possible with Iagona ScrutisWeb bugs

ATMs impacted by four Iagona ScrutisWeb ATM fleet monitoring system flaws, which have been remediated last month, could be subjected to remote hacking attacks, reports SecurityWeek.

Attackers could leverage the vulnerabilities, tracked as CVE-2023-33871, CVE-2023-38257, CVE-2023-35763, and CVE-2023-35189, to facilitate server data acquisition, arbitrary command execution, and encrypted admin password procurement and decryption, which could then be used to monitor connected ATMs and execute various malicious activities, according to a report from Synack Red Team members who discovered the security bugs.

“Additional exploitation from this foothold in the client’s infrastructure could occur, making this an internet-facing pivot point for a malicious actor,” said researcher Neil Graves, who added that further study is needed to determine the possibility of a custom software upload to allow the exfiltration of cards and redirection of Swift transfers.

Organizations have already been warned by the Cybersecurity and Infrastructure Security Agency regarding the flaws last month.