Vulnerabilities > Verifone > Mx900 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-23 | CVE-2019-14719 | Command Injection vulnerability in Verifone Mx900 Firmware 30251000 Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager. | 7.8 |
| 2020-10-23 | CVE-2019-14718 | Incorrect Default Permissions vulnerability in Verifone Mx900 Firmware 30251000 Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation. | 6.7 |
| 2020-10-23 | CVE-2019-14713 | Unspecified vulnerability in Verifone Mx900 Firmware 30251000 Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages. | 5.5 |
| 2020-10-23 | CVE-2019-14711 | Race Condition vulnerability in Verifone Mx900 Firmware 30251000 Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass. | 7.0 |