4 matches found
PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions
The point-of-sale PoS terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to...
CVE-2023-42137
PAX Android based POS devices with PayDroid8.1.0SagittariusV11.1.5020230614 or earlier can allow for command execution with high privileges by using malicious symlinks. The attacker must have shell access to the device in order to exploit this vulnerability...
CVE-2023-42137
PAX Android based POS devices with PayDroid8.1.0SagittariusV11.1.5020230614 or earlier can allow for command execution with high privileges by using malicious symlinks. The attacker must have shell access to the device in order to exploit this vulnerability...
CVE-2023-42137
CVE-2023-42137 affects PAX Android-based PoS devices running PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier. The issue allows privilege escalation from system/shell user to root via insecure operations in the systool_server daemon (all Android-based PAX PoS devices). Exploitation require...