If the attacker is able to manipulate the ATM so that they can unplug the Ethernet cable and connect a device, they are then able to conduct attacks on the network service or man-in-the-middle attacks. Through the vulnerabilities CVE-2017-8464 and CVE-2018-1038 they could enable remotely running arbitrary code and subsequently escalating privileges this resulted in the ability to “disable security mechanisms and control output of banknotes from the dispenser.” Hit it Hardīy far the most successful type of attack was a direct hack of the ATM itself, although this required physical access.
