The attack, IOActive explains, was possible due to a vulnerability in the ATM’s software update mechanism that could allow an attacker to supply their own malicious file and trigger legitimate processes for code execution.