Skip navigation EPAM
  • CONTACT US
  • Enter your search query or select one from the list of frequent searches below. Use up and down arrows to review and enter to select.

POSWorld: Vulnerabilities Within Ingenico Telium 2 and Verifone VX and MX Series Point of Sales Terminals

Timur Yunusov

Head of Offensive Security Research
Connect
Follow

Aleksei Stennikov

Independent Researcher
Connect
Follow
Research
  • Hardware Security
  • Disclosure

Over 2018 and 2019, we found serious vulnerabilities in the two biggest Point of Sales (PoS) vendors: Verifone and Ingenico. The affected devices are Verifone VX520, Verifone MX series, and the Ingenico Telium 2 series.

Through use of default passwords, we were able to execute arbitrary code through binary vulnerabilities (e.g., stack overflows, and buffer overflows). These PoS terminal weaknesses enable an attacker to send arbitrary packets, clone cards, clone terminals, and install persistent malware.

Download the whitepaper to learn more about our findings on PoS terminal security.

Get Whitepaper

Successfully submitted! Please check your email for the link to the whitepaper you requested.

Oops, something went wrong. Please try again.

If your download doesn't start automatically, please click

Download
Download

Validation failed! Please use the same browser and device that you used to fill out this form. You can also re-submit the form to receive a new download link.

Thank you for helping us keep your information up-to-date.

Cancel

Related Content

  • ‘Millions’ Of Payment Terminals Are Vulnerable To Credit Card Theft Hacks

    LEARN MORE

  • Card Fraud in a PSD2 World: A Few Examples

    LEARN MORE
WhatWeDo.jpg

We Can Help

Our experts can help identify vulnerabilities and threats to keep your business secure.

Contact us Contact us