Privilege Escalation in NCR Terminal Handler by NCR
CVE-2023-47031

Currently unrated

Key Information:

Vendor: NCR
Status: NCR Terminal Handler
Vendor: CVE Published:; 23 June 2025

What is CVE-2023-47031?

A security vulnerability in the NCR Terminal Handler version 1.5.1 enables remote attackers to elevate privileges through a specially crafted POST request affecting various SOAP API components, including grantRolesToUsers, grantRolesToGroups, and grantRolesToOrganization. This flaw could potentially allow unauthorized access and manipulation of user roles, emphasizing the need for prompt remediation.

References

http://terminal.com

http://ncr.com

https://drive.google.com/file/d/1f9riw_seicV9MB7pRQJFY-8v...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 23, 2025
Vulnerability Reserved
Oct 30, 2023