Remote Code Execution Vulnerability in NCR Terminal Handler
CVE-2023-47032

Currently unrated

Key Information:

Vendor: NCR
Status: NCR Terminal Handler
Vendor: CVE Published:; 23 June 2025

What is CVE-2023-47032?

A security flaw in NCR Terminal Handler version 1.5.1 allows remote attackers to execute arbitrary code by leveraging a crafted script aimed at the UserService SOAP API function. This vulnerability poses a significant risk as it can be exploited without requiring prior authentication, granting attackers the ability to manipulate system functionalities and potentially compromise sensitive data.

References

https://drive.google.com/file/d/1rTKc2nxEc40VTItJiJ9moZ5V...

https://github.com/pwahba/cve-research/blob/main/CVE-2023...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 23, 2025
Vulnerability Reserved
Oct 30, 2023