Known Vulnerabilities for products from Verifone
Listed below are 10 of the newest known vulnerabilities associated with the vendor "Verifone".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Verifone can be found at device.report : Verifone
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2019-14719 | Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated ... | 7.8 - HIGH | 2020-10-23 | 2021-07-21 |
| CVE-2019-14718 | Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbi... | 6.7 - MEDIUM | 2020-10-23 | 2020-10-28 |
| CVE-2019-14717 | Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call. | 7.8 - HIGH | 2020-10-23 | 2020-10-30 |
| CVE-2019-14716 | Verifone VerixV Pinpad Payment Terminals with QT000530 have an undocumented physical access mode (aka VerixV shell.out). | 6.6 - MEDIUM | 2020-10-23 | 2020-10-30 |
| CVE-2019-14715 | Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operati... | 6.8 - MEDIUM | 2020-10-23 | 2020-10-30 |
| CVE-2019-14713 | Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages. | 5.5 - MEDIUM | 2020-10-23 | 2020-10-28 |
| CVE-2019-14712 | Verifone VerixV Pinpad Payment Terminals with QT000530 allow bypass of integrity and origin control for S1G file generation. | 7.8 - HIGH | 2020-10-23 | 2020-10-30 |
| CVE-2019-14711 | Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass. | 7 - HIGH | 2020-10-23 | 2021-07-21 |
| CVE-2019-10060 | The Verix Multi-app Conductor application 2.7 for Verifone Verix suffers from a buffer overflow vulnerability that allows att... | 8.1 - HIGH | 2019-03-26 | 2019-03-28 |
| CVE-2012-4951 | Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allo... | 7.5 - HIGH | 2012-11-15 | 2017-08-29 |
Known software with vulnerabilities from Verifone
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Verifone | Mx900 | - |
| Operating System | Verifone | Mx900 Firmware | 30251000 |
| Application | Verifone | Vericentre Web Console | 2.0 |
| Application | Verifone | Verix Multi-app Conductor | 2.7 |
| Operating System | Verifone | Verix Os | qt000530 |
| Hardware | Verifone | Vx520 | - |