CVE-2019-14715

Description

Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation.

CvssV3 impact

BaseSeverity

MEDIUM

ConfidentialityImpact

HIGH

AttackComplexity

LOW

Scope

UNCHANGED

AttackVector

PHYSICAL

AvailabilityImpact

HIGH

IntegrityImpact

HIGH

PrivilegesRequired

NONE

BaseScore

6.8

VectorString

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Version

3.1

UserInteraction

NONE

CvssV2 impact

AccessComplexity

LOW

ConfidentialityImpact

PARTIAL

AvailabilityImpact

PARTIAL

IntegrityImpact

PARTIAL

BaseScore

4.599999904632568

VectorString

AV:L/AC:L/Au:N/C:P/I:P/A:P

Version

2.0

AccessVector

LOCAL

Authentication

NONE