CVE-2024-46916
Published: 29 August 2025
Summary
CVE-2024-46916 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Dieboldnixdorf Vynamic Security Suite. Its CVSS base score is 8.1 (High).
Operationally, ranked at the 31.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-54934
Vulnerability details
Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the removal of critical system files before the filesystem is properly mounted (e.g., leveraging a delete call in /etc/rc.d/init.d/mountfs to remove the /etc/fstab file). This can allow code…
more
execution and, in some versions, enable recovery of TPM Disk Encryption keys and decryption of the Windows system partition.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
The access control policy and procedures directly mandate and enforce proper access control mechanisms across the organization.
Implements core proper privilege management by restricting to only required rights.
Baseline includes documented access control settings that are reviewed and maintained, reducing the ability to exploit improper access control.
Requiring the most restrictive settings instead of defaults prevents incorrect default permissions on resources.
Explicitly requires protecting the configuration management plan from unauthorized disclosure and modification.
The policy defines and enforces restrictions on physical access to resources, directly reducing improper access control.
Tailoring explicitly overrides or scopes default permission assignments in the baseline to match the system's actual risk and operational needs.
Central management enforces consistent access-control policies across systems, reducing the likelihood of missing or inconsistent enforcement.