Vulnerability CVE-2024-37364


Published: 2024-06-06

Description:
Ariane Allegro Scenario Player through 2024-03-05, when Ariane Duo kiosk mode is used, allows physically proximate attackers to obtain sensitive information (such as hotel invoice content with PII), and potentially create unauthorized room keys, by entering a guest-search quote character and then accessing the underlying Windows OS.

 References:
https://www.pentagrid.ch/en/blog/ariane-allegro-hotel-check-in-terminal-kios-escape/
https://news.ycombinator.com/item?id=40582475

Copyright 2026, cxsecurity.com

 

Back to Top