Remote code execution alerts of Diebold Nixdorf Vulnerability on Older AtmsByBill Toulas-June 8, 2019.411 Older Diebold Nixdorf Atms running outdated software are susceptible to Rce attacks. The company released a patch which plugs the flaw by changing the configuration as well as a guide to securing it. Diebold Nixdorf has revealed a weakness that plagues its older Opteva-branded Atm machines allowing remote code execution (Rce) attacks, one of the world’s largest Atm manufacturers with a presence in 130 countries. According to the company’s report, the potential exposure was a part of the Agilis Xfs service using. Net remote over an externally facing channel and affects the 4.x and earlier version of Opterva. The company released version 4.1.22 of Agilis Xfs for Opteva, which moves the externally facing Háp to internal process communication so that the issue can be resolved through a software update. To further secure network communications Diebold suggests enabling a properly configured system / host firewall, installing a Tls link and a Mac verification layer, and setting up a segmented Lan / Vlan with detection and prevention of intrusions. Last but not least, restricting physical access to the Atm machines is always a vital part of keeping them safe so locking the compartment using two-factor authentication and regular visual inspections are also included in the company’s securing guide. Of course it goes without saying that keeping the operating system and all the firmware modules up-to-date and implementing any necessary patches immediately. A security researcher who approached Diebold Nixdorf via their regular “Contact Us” form was finding the specific flaw, so it took the company a long time to get back to him. Once more specifics were exchanged with the Atm manufacturer’s security experts, the organization moved on quickly to issue a patch and publish the related securing guidelines. Furthermore, Diebold Nixdorf has explained that there have been no reported cases of abuse and Rce accidents, and that there are practically no banks or organizations that have left their Atm fleet as obsolete as required for the vulnerability still to exist out there. .412.412 The researcher published a detailed post on how the Atms attack could operate without, however, revealing details of the design code. If you want to immerse yourself in the technical details of the attack go ahead and check out this Medium post. The announcement of this came only after three months have passed since Diebold Nixdorf was first revealed.