Cyber Resilience

CVE-2024-46916

Severity: High · Public PoC

Published: 29 August 2025
Modified: 09 September 2025
KEV Added: not listed
Patch: none listed
CVSS Score v3.1: 8.1 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0013 (31.5th percentile)
Risk Priority: 16 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-46916 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Diebold Nixdorf Vynamic Security Suite. Its CVSS v3.1 base score is 8.1 (High).

Operationally, EPSS ranks it at the 31.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
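The Risk Priority line above gives the weights (60% EPSS, 20% KEV, 20% CVSS) but not how each input is scaled before weighting. The following is an added worked example, not code from this site or from NVD/FIRST: the scaling it assumes (EPSS probability and CVSS base score both brought to a 0 to 100 range, KEV listing as 0 or 100) is an inference chosen because it reproduces the page's value of 16 from the page's own inputs. The breakdown it returns shows why a 60% EPSS weight contributes almost nothing here: an EPSS of 0.0013 scales to 0.13, so the CVSS term supplies essentially the whole score, and a KEV listing would add a flat 20 points.

```python
# Added example: reproduces the page's Risk Priority from its three inputs.
# The weights are the page's; the per-input scaling is an assumption that
# yields the displayed 16 for EPSS 0.0013, not-in-KEV, CVSS 8.1.
WEIGHTS = {"epss": 0.60, "kev": 0.20, "cvss": 0.20}


def risk_breakdown(epss, cvss, in_kev):
    """Return each component's weighted contribution plus the unrounded total.

    Assumed scaling: EPSS probability 0..1 -> 0..100, CVSS 0..10 -> 0..100,
    KEV listed -> 100, not listed -> 0.
    """
    if not 0.0 <= epss <= 1.0:
        raise ValueError("EPSS must be a probability in [0, 1]")
    if not 0.0 <= cvss <= 10.0:
        raise ValueError("CVSS base score must be in [0, 10]")
    scaled = {
        "epss": epss * 100.0,
        "kev": 100.0 if in_kev else 0.0,
        "cvss": cvss * 10.0,
    }
    contributions = {k: WEIGHTS[k] * v for k, v in scaled.items()}
    contributions["total"] = sum(contributions.values())
    return contributions


def risk_priority(epss, cvss, in_kev):
    """Integer Risk Priority as displayed on the page (rounded total)."""
    return round(risk_breakdown(epss, cvss, in_kev)["total"])


if __name__ == "__main__":
    # The page's own figures for CVE-2024-46916.
    breakdown = risk_breakdown(0.0013, 8.1, in_kev=False)
    for key in ("epss", "kev", "cvss", "total"):
        print(f"{key:>5}: {breakdown[key]:7.3f}")
    print("risk priority:", risk_priority(0.0013, 8.1, in_kev=False))
    # The same CVE if it were added to KEV: the KEV term alone adds 20 points.
    print("if KEV-listed:", risk_priority(0.0013, 8.1, in_kev=True))
```

Because the scaling is inferred rather than published, treat the function as a way to reason about the displayed number, not as the site's reference implementation.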

Vulnerability details

Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before the filesystem is properly mounted (e.g., leveraging a delete call in /etc/rc.d/init.d/mountfs to remove the /etc/fstab file). This can allow code execution and, in some versions, enable recovery of TPM Disk Encryption keys and decryption of the Windows system partition.
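The behaviour described above is an early-boot script deleting a file the system still needs before mounting. As an added example (not code from Diebold Nixdorf, from the advisory, or from this site), the audit below scans shell scripts of that kind for delete-style commands aimed at a set of critical paths, handling comments, quoting and command separators so that a quoted string or a comment mentioning /etc/fstab is not a false positive. The critical-file list, the command set and the sample script are assumptions constructed for the example; the sample is not the vendor's mountfs script.

```python
# Added example: heuristic audit of early-boot shell scripts for deletions of
# files the system needs during mount (the class of behaviour the advisory
# describes for /etc/rc.d/init.d/mountfs removing /etc/fstab).
import shlex

# Files whose removal by a pre-mount script deserves review (assumed list).
CRITICAL_FILES = {"/etc/fstab", "/etc/mtab", "/etc/passwd", "/etc/shadow"}

# Commands that remove a file; for mv every argument but the last is a source.
DELETE_COMMANDS = {"rm", "unlink", "shred", "mv"}

# Punctuation tokens that end one simple command and start the next.
COMMAND_SEPARATORS = set("();|&")

# Constructed sample in the style of an init script; not the vendor's file.
SAMPLE_MOUNTFS = """#!/bin/sh
# Constructed sample for the audit example; exists only to exercise the code.
# A comment mentioning /etc/fstab must not be reported.
case "$1" in
  start)
    rm -f /etc/fstab   # removes the mount table before mount -a runs
    mount -a && echo "mounted"
    ;;
  stop)
    rm -f /var/run/mountfs.pid
    mv /etc/mtab /tmp/mtab.bak; umount -a
    ;;
esac
"""


def _simple_commands(line):
    """Split one shell line into word lists, one list per simple command."""
    lex = shlex.shlex(line, posix=True, punctuation_chars=True)
    lex.whitespace_split = True   # split only on whitespace and punctuation
    lex.commenters = "#"          # drop trailing comments
    commands, current = [], []
    for token in lex:
        if token and set(token) <= COMMAND_SEPARATORS:
            if current:
                commands.append(current)
            current = []
        else:
            current.append(token)
    if current:
        commands.append(current)
    return commands


def find_critical_deletes(script_text, critical_files=CRITICAL_FILES):
    """Return (line_no, command, path) for each deletion of a critical file."""
    findings = []
    for line_no, line in enumerate(script_text.splitlines(), start=1):
        try:
            commands = _simple_commands(line)
        except ValueError:        # unbalanced quotes: cannot tokenise, skip
            continue
        for words in commands:
            cmd = words[0]
            if cmd not in DELETE_COMMANDS:
                continue
            args = [w for w in words[1:] if not w.startswith("-")]
            if cmd == "mv":
                args = args[:-1]  # the last argument is the destination
            for path in args:
                if path in critical_files:
                    findings.append((line_no, cmd, path))
    return findings


if __name__ == "__main__":
    for line_no, cmd, path in find_critical_deletes(SAMPLE_MOUNTFS):
        print(f"line {line_no}: {cmd} removes {path}")
```

The audit is deliberately narrow: it matches literal paths only, so deletions through variables, globs, redirection-based truncation (`: > /etc/fstab`) or a helper binary are not reported, and a hit is a prompt for review rather than proof of a flaw. Run it over the init scripts in a pre-boot image (for example everything under /etc/rc.d/init.d) before the image is signed.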

CWE(s)

CWE-269 Improper Privilege Management

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Diebold Nixdorf
Vynamic Security Suite
≤ 4.3.0 SR06

Mitigating Controls

Likely Mitigating Controls (AI-generated)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness type (CWE-269) cited in the NVD entry. It is therefore generic: the controls address privilege management in general rather than the specific pre-mount deletion of /etc/fstab and the TPM key recovery described above.

The access control policy and procedures directly mandate and enforce proper access control mechanisms across the organization.

Implements least privilege by restricting accounts and processes to only the rights they require.

Baseline includes documented access control settings that are reviewed and maintained, reducing the ability to exploit improper access control.

Requiring the most restrictive settings instead of defaults prevents incorrect default permissions on resources.

Explicitly requires protecting the configuration management plan from unauthorized disclosure and modification.

The policy defines and enforces restrictions on physical access to resources, directly reducing improper access control.

Tailoring explicitly overrides or scopes default permission assignments in the baseline to match the system's actual risk and operational needs.

Central management enforces consistent access-control policies across systems, reducing the likelihood of missing or inconsistent enforcement.
