6.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
30.8%
An attacker with physical access to a PAX Point Of Sale device with ProlinOS through 2.4.161.8859R can boot it in management mode, enable the XCB service, and then list, read, create, and overwrite files with MAINAPP permissions.
git.lsd.cat/g/pax-pwn