Vulnerabilities > CVE-2019-14715 - Out-of-bounds Write vulnerability in Verifone products

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

NVD

Published: 2020-10-23

Updated: 2020-10-30

Summary

Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation.

Part	Description	Count
OS	Verifone Verifone P400 Firmware - Verifone P200 Firmware - Verifone VX 820 Firmware - Verifone VX 805 Firmware -	4
Hardware	Verifone Verifone P400 - Verifone P200 - Verifone VX 820 - Verifone VX 805 -	4