{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T00:05:41.755","vulnerabilities":[{"cve":{"id":"CVE-2023-42133","sourceIdentifier":"cvd@cert.pl","published":"2024-10-11T13:15:15.190","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"PAX Android based POS devices allow for escalation of privilege via improperly configured scripts.\n\nAn attacker must have shell access with system account privileges in order to exploit this vulnerability.\nA patch addressing this issue was included in firmware version PayDroid_8.1.0_Sagittarius_V11.1.61_20240226."},{"lang":"es","value":"Los dispositivos PAX Android based POS permiten la escalada de privilegios a través de scripts configurados incorrectamente. Un atacante debe tener acceso al shell con privilegios de cuenta del sistema para poder explotar esta vulnerabilidad. Se incluyó un parche que soluciona este problema en la versión de firmware PayDroid_8.1.0_Sagittarius_V11.1.61_20240226."}],"metrics":{"cvssMetricV31":[{"source":"cvd@cert.pl","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}]},"weaknesses":[{"source":"cvd@cert.pl","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]}],"references":[{"url":"https://blog.stmcyber.com/pax-pos-cves-2023/","source":"cvd@cert.pl"},{"url":"https://cert.pl/en/posts/2024/10/CVE-2023-42133","source":"cvd@cert.pl"},{"url":"https://cert.pl/posts/2024/10/CVE-2023-42133","source":"cvd@cert.pl"},{"url":"https://ppn.paxengine.com/release/development?","source":"cvd@cert.pl"}]}}]}