Lucene search
HpCVE-2014-7890HistoryMar 09, 2015 - 5:59 p.m.
CVE-2014-7890
2015-03-0917:59:02
hp
web.nvd.nist.gov
24
cve-2014-7890
ole point of sale
opos drivers
hp point of sale
windows pcs
arbitrary code execution
remote attackers
opostoneindicator.ocx
pos keyboards
msr
zdi-can-2510
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.8
Confidence
Low
EPSS
0.952
Percentile
99.4%
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSToneIndicator.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2510.
Affected configurations
Node
hpole_point_of_sale_driverRange≤1.13.001
hppos_keyboard_fk221aa
ORhppos_keyboard_with_msr_fk218aa
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hp | ole_point_of_sale_driver | * | cpe:2.3:a:hp:ole_point_of_sale_driver:*:*:*:*:*:*:*:* |
| hp | pos_keyboard_fk221aa | * | cpe:2.3:h:hp:pos_keyboard_fk221aa:*:*:*:*:*:*:*:* |
| hp | pos_keyboard_with_msr_fk218aa | * | cpe:2.3:h:hp:pos_keyboard_with_msr_fk218aa:*:*:*:*:*:*:*:* |
Related
zdi
zdi
checkpoint_advisories
checkpoint_advisories
cvelist
cvelist
CVE-2014-7890
2015-03-09 17:00:00
nvd
nvd
CVE-2014-7890
2015-03-09 17:59:02
prion
prion
Code injection
2015-03-09 17:59:00
securityvulns
securityvulns
nessus
nessus
HP OPOS CCO Drivers RCE Vulnerabilities
2015-03-16 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.8
Confidence
Low
EPSS
0.952
Percentile
99.4%
Related for CVE-2014-7890