MidnightBSD

Advisories for norwegian-air

CVE-2017-5634 HIGH

The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows physically proximate attackers to bypass the intended "Please select booking identification" UI step, and obtain administrative privileges and network access on the underlying Windows OS, by accessing a touch-screen print icon to manipulate the print dialog.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-668,

Products Affected

Vendor Product Version
norwegian-air norwegian_air_kiosk -