Printing Fake Fiscal Receipts - An Italian Job p.2
16 May 2022 at 10:00
TL;DR The ItalRetail RistorAndro app installed on the SpiceT fiscal printer is affected by a pre-authentication remote arbitrary file write and an arbitrary app installation.
Moreover, the installed Android OS version is affected by two known vulnerabilities: CVE-2017-13156 (Janus), which allows escalating privileges to system, and CVE-2016-5195 (DirtyCOW), which allows escalating privileges to root in the vold SELinux context.
Rewind ⏮

In the first post we analyzed the fiscal unit and its local attack surface.