PT-2020-26: Buffer Overflow in Verix OS core (Run() system call)

2020-01-08T00:00:00
ID PT-2020-26
Type ptsecurity
Reporter Positive Technologies
Modified 1970-01-01T00:00:00

Description

PT-2020-26: Buffer Overflow in Verix OS core (Run() system call)

Verifone
VerixV

Severity level

Severity level: High
Impact: Buffer Overflow in Verix OS core (Run() system call)
Access Vector: Local

CVSS v3.1:
Base Score: 8.2
Vector: (AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H)

CVE-2019-14717

Advisory status

01.10.2019 - Vendor gets vulnerability details
01.08.2020 - Vendor releases fixed version and details

Credits

The vulnerability was detected by Alex Stennikov, Dmitry Sklyarov, Egor Zaitsev, Positive Research Center (Positive Technologies Company)