Verix Multi-app Conductor Application for Verix | Vulnerability Exploit

Home | Research | Resources | Advisories | VMAC for Verix

VMAC for Verix

Buffer Overflow

CVE ID

CVE-2019-10060

VENDOR

Verifone, Inc.

PRODUCT

Verix Multi-app Conductor

Product version

Ver. 2.7

Vulnerability Details

The Verix Multi-app Conductor application for Verix suffers from a buffer overflow vulnerability that allows attackers to execute arbitrary code via a long configuration key value. An attacker must be able to download files to the device in order to exploit this vulnerability.

Learn More →

Penetration Testing Methodology: Emulating Realistic Attacks by a Malicious Actor

Blog Post

PASTA Threat Modeling

The foundation of VerSprite’s penetration testing service is based on emulating realistic attacks by a malicious actor through the use of PASTA (Process for Attack Simulation and Threat Analysis).

Read more

Razer Synapse 3

Advisory

Security Vulnerabilities

Razer Synapse 3’s incorrect permissions assignment vulnerability is allows for Denial of Service (DoS) attacks. This CVE-2021-30494 affects version 3.5.1030.101917.

Read more

Windows Named Pipes Part 4: Taking a Trip Down Static Analysis Lane

Blog Post

Exploitation of Vulnerabilities

In the last iteration of our four-part series, VerSprite’s security researchers examine real-world examples of reversing and exploiting Windows named pipe servers within applications using a custom vulnerable application. The methods covered to achieve this goal is through static analysis.

Read more

We are an international squad of professionals working as one.

Email

[email protected]

logos