VYPR
Unrated severity · NVD Advisory · Published Jul 20, 2023 · Updated Aug 2, 2024

Aures Komet Kiosk Mode access control

CVE-2023-3786

Description

A vulnerability classified as problematic has been found in Aures Komet up to 20230509. This affects an unknown part of the component Kiosk Mode. The manipulation leads to improper access controls. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The identifier VDB-235053 was assigned to this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A local privilege escalation in Aures Komet kiosk mode (up to 20230509) lets an attacker with physical access bypass security restrictions and gain elevated privileges.

Vulnerability

A vulnerability classified as problematic exists in the Aures Komet Booking & POS Terminal running Windows 10 IoT Enterprise, in the Kiosk Mode component, up to version 20230509 [1]. The flaw involves improper access controls, allowing the kiosk's intended restrictions to be bypassed [1]. The affected product is an interactive kiosk for the fast food industry, handling orders, payments, and customer management [1].

Exploitation

The attack requires physical access to the device [1]. No authentication or prior access is needed because the attacker directly interacts with the kiosk's physical interface [1]. The exploit has been publicly disclosed, and the specific steps involve manipulating the kiosk environment to break out of the kiosk application and gain access to the underlying operating system [1].

Impact

Successful exploitation results in local privilege escalation, enabling the attacker to execute arbitrary commands or applications with higher privileges (possibly SYSTEM or Administrator), effectively seizing full control over the terminal [1]. This could lead to unauthorized access to sensitive data, payment information, or further compromise of the network.

Mitigation

As of the advisory date, no patch or firmware update was available from Aures for CVE-2023-3786 [1]. The vendor was notified in May 2023, but a fix has not been released [1]. Users should restrict physical access to kiosk devices, ensure Windows 10 IoT Enterprise is hardened, and monitor for updates from Aures. The vulnerability is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog.

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

  • Aures/Komet
    Range: <=20230509
  • Aures/Komet
    Range: 20230509

Patches

No patches discovered yet.

Vulnerability mechanics

Root cause

"Improper access controls in Kiosk Mode allow a physically present user to escape the restricted environment and escalate privileges on the underlying Windows 10 IoT Enterprise operating system."

Attack vector

An attacker with physical access to the kiosk terminal can exploit improper access controls in Kiosk Mode to escape the restricted environment [1]. The attack is launched directly on the physical device and requires no network access. Once the kiosk restrictions are bypassed, the attacker gains elevated privileges on the underlying Windows 10 IoT Enterprise operating system [1].

Affected code

The advisory identifies the Aures Komet Booking & POS Terminal running Windows 10 IoT Enterprise as the affected product, with the vulnerability located in the Kiosk Mode component [1]. No specific source file or function names are provided in the reference write-up.

What the fix does

The advisory does not include a patch or specific remediation steps from the vendor [1]. The disclosure timeline indicates that the vendor's service developer team had a fix in progress, but no patch details have been published. Without a published fix, operators should restrict physical access to the kiosk and review the Kiosk Mode configuration to enforce stricter access controls.

Preconditions

  • Attacker must have physical access to the Aures Komet terminal
  • The terminal must be running in Kiosk Mode on Windows 10 IoT Enterprise

Reproduction

The public exploit reference (seclists.org) is listed but its content is not included in the bundle, so reproduction steps cannot be provided.

Generated on May 24, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
