CVE-2025-8699
BaseFortify
Publication date: 2025-09-12
Last updated on: 2025-11-03
Assigner: SEC Consult Vulnerability Lab
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| kiosoft | stored_value_unattended_payment_solution | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-922 | The product stores sensitive information without properly limiting read or write access by unauthorized actors. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects KioSoft's Stored Value Unattended Payment Solutions that use MiFare Classic NFC cards to store account balances. The balance is stored insecurely on the card and can be read and modified by attackers. By analyzing the card data and the checksum mechanism, attackers can alter the stored balance to arbitrary amounts (up to $65,535), effectively allowing them to generate money on the card.
How can this vulnerability impact me?
If you use KioSoft's Stored Value Unattended Payment Solutions with vulnerable NFC cards, an attacker could manipulate the card balance to add unauthorized funds. This could lead to financial loss for merchants or service providers accepting these cards, as attackers can pay for goods or services without legitimate funds.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by reading and analyzing the data stored on the MiFare Classic NFC cards used by the payment solution. By dumping the card data and observing changes, one can identify the fields storing the cash value and the checksum field created by XOR operations. NFC tools such as 'nfc-mfclassic' or 'mfoc' can be used to dump the card data for analysis.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include discontinuing the use of insecure MiFare Classic NFC cards for storing account balances, as they can be read and written to by attackers. Transitioning to more secure NFC card technologies with proper encryption and authentication mechanisms is recommended to prevent unauthorized balance modification.