Almost all the devices on display in the Voting Village used outdated software. This includes unpatched versions of software components, such as OpenSSL, within the applications themselves. Some also used Windows XP and CE, two operating systems no longer supported by Microsoft.
One machine, WinVote, running on Windows XP, had the autorun feature enabled. Thus, allowing anyone with physical access to insert a USB and execute malware. The device also a hard-coded Wi-Fi password, in addition to using the now-discredited WEP protocol.
The WinVote machine fell early. It took researcher Carsten Schurmann only 1 hour, 40 minutes, to gain access because (at least in the village) the machine was not securely configured. Rather, it was in its default state. That also implies voting officials using the machine on-site know how to configure it securely which may not always be the case.