Vulnerability Details CVE-2018-17770
Ingenico Telium 2 POS terminals have a buffer overflow via the RemotePutFile command of the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.6%
CVSS Severity
CVSS v3 Score 6.6
CVSS v2 Score 7.2
References
- https://ingenico.us/smart-terminals/telium2
- https://www.ptsecurity.com/ww-en/analytics/threatscape/
- https://youtu.be/gtbS3Gr264w
- https://youtu.be/oyUD7RDJsJs
- https://ingenico.us/smart-terminals/telium2
- https://www.ptsecurity.com/ww-en/analytics/threatscape/
- https://youtu.be/gtbS3Gr264w
- https://youtu.be/oyUD7RDJsJs
Products affected by CVE-2018-17770
-
cpe:2.3:h:ingenico:telium_2:-
-
cpe:2.3:o:ingenico:telium_2_firmware:*