Ingenico Telium 2 POS terminals have a buffer overflow via SOCKET_TASK in the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
References
Link | Resource |
---|---|
https://ingenico.us/smart-terminals/telium2 | Product |
https://youtu.be/gtbS3Gr264w | Exploit Third Party Advisory |
https://youtu.be/oyUD7RDJsJs | Exploit Third Party Advisory |
https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-19/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2020-09-09 12:15
Updated : 2022-10-06 19:12
NVD link : CVE-2018-17773
Mitre link : CVE-2018-17773
JSON object : View
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Products Affected
ingenico
- telium_2_firmware
- telium_2