PT-2020-21: Installation of unsigned packages

HIGH
(8.2) CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Vulnerable software

Verifone
MX900

Severity level

Severity level: High
Impact: Installation of unsigned packages
Access Vector: Local

CVSS v3.1:
Base Score: 8.2
Vector: (AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)

CVE-2019-14713

Advisory status

01.10.2019 - Vendor gets vulnerability details
01.08.2020 - Vendor releases fixed version and details

Credits

The vulnerability was detected by Alex Stennikov, Dmitry Sklyarov, Egor Zaitsev, Positive Research Center (Positive Technologies Company)

Identifier:
CVE-2019-14713
Vendor:
Verifone
Vulnerable product:
MX900

Get in touch

Fill in the form and our specialists
will contact you shortly