Medium severity6.7NVD Advisory· Published Oct 11, 2024· Updated Apr 15, 2026

CVE-2023-42133

Description

PAX Android based POS devices allow for escalation of privilege via improperly configured scripts.

An attacker must have shell access with system account privileges in order to exploit this vulnerability. A patch addressing this issue was included in firmware version PayDroid_8.1.0_Sagittarius_V11.1.61_20240226.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blog.stmcyber.com/pax-pos-cves-2023/nvd
cert.pl/en/posts/2024/10/CVE-2023-42133nvd
cert.pl/posts/2024/10/CVE-2023-42133nvd
ppn.paxengine.com/release/developmentnvd

News mentions

No linked articles in our index yet.

cvss	0.436
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000