Search Results | AttackerKB

Show filters

Topics 4 Users 9,714

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2019-14713

Disclosure Date: October 23, 2020 (last updated November 28, 2024)

Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-14711

Disclosure Date: October 23, 2020 (last updated February 22, 2025)

Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-14719

Disclosure Date: October 23, 2020 (last updated February 22, 2025)

Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager.

Attack Vector: Local Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2019-14718

Disclosure Date: October 23, 2020 (last updated February 22, 2025)

Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation.

Attack Vector: Local Privileges: High User Interaction: None

0