Vulnerability Details CVE-2018-17773
Ingenico Telium 2 POS terminals have a buffer overflow via SOCKET_TASK in the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.3%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 7.2
References
- https://ingenico.us/smart-terminals/telium2
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-19/
- https://youtu.be/gtbS3Gr264w
- https://youtu.be/oyUD7RDJsJs
- https://ingenico.us/smart-terminals/telium2
- https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-19/
- https://youtu.be/gtbS3Gr264w
- https://youtu.be/oyUD7RDJsJs
Products affected by CVE-2018-17773
-
cpe:2.3:h:ingenico:telium_2:-
-
cpe:2.3:o:ingenico:telium_2_firmware:*