Vulnerabilities (CVE)

Filtered by vendor Verifone Subscribe
Filtered by product Mx900
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-14711 1 Verifone 2 Mx900, Mx900 Firmware 2024-02-04 4.4 MEDIUM 7.0 HIGH
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass.
CVE-2019-14719 1 Verifone 2 Mx900, Mx900 Firmware 2024-02-04 4.6 MEDIUM 7.8 HIGH
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager.
CVE-2019-14713 1 Verifone 2 Mx900, Mx900 Firmware 2024-02-04 2.1 LOW 5.5 MEDIUM
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages.
CVE-2019-14718 1 Verifone 2 Mx900, Mx900 Firmware 2024-02-04 4.6 MEDIUM 6.7 MEDIUM
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation.