Verix Multi-app Conductor Application for Verix | Vulnerability Exploit Verix Multi-app Conductor Application for Verix | Vulnerability Exploit

Home  |  Research  |  Resources  |  Advisories  |  VMAC for Verix

VMAC for Verix

Buffer Overflow

CVE ID

CVE-2019-10060

VENDOR

Verifone, Inc.

PRODUCT

Verix Multi-app Conductor

Product version

Ver. 2.7

Vulnerability Details

The Verix Multi-app Conductor application for Verix suffers from a buffer overflow vulnerability that allows attackers to execute arbitrary code via a long configuration key value. An attacker must be able to download files to the device in order to exploit this vulnerability.

Vendor response

Disclosure timeline


Offensive Minded Security Exploit Development

We are an international squad of professionals working as one.

logos