Vulnerability Description
Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before the filesystem is properly mounted (e.g., leveraging a delete call in /etc/rc.d/init.d/mountfs to remove the /etc/fstab file). This can allow code execution and, in some versions, enable recovery of TPM Disk Encryption keys and decryption of the Windows system partition.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dieboldnixdorf | Vynamic Security Suite | <= 4.3.0sr06 |
Related Weaknesses (CWE)
References
- https://github.com/emptynebuliNot Applicable
- https://www.atredis.com/blog/2025/8/26/24nrgne4dqbwjxyip7txn8ep6zj057ExploitThird Party Advisory
- https://www.dieboldnixdorf.com/en-us/banking/portfolio/software/security/Product
FAQ
What is CVE-2024-46916?
CVE-2024-46916 is a vulnerability with a CVSS score of 8.1 (HIGH). Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before the filesystem is properly mounted (e.g., leveraging a delete c...
How severe is CVE-2024-46916?
CVE-2024-46916 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-46916?
Check the references section above for vendor advisories and patch information. Affected products include: Dieboldnixdorf Vynamic Security Suite.