Skip navigation EPAM
  • CONTACT US
  • Enter your search query or select one from the list of frequent searches below. Use up and down arrows to review and enter to select.

POSWorld: Vulnerabilities Within Ingenico Telium 2 and Verifone VX and MX Series Point of Sales Terminals

Timur Yunusov

Head of Offensive Security Research

Aleksei Stennikov

Independent Researcher
Research
  • Hardware Security
  • Disclosure

Over 2018 and 2019, we found serious vulnerabilities in the two biggest Point of Sales (PoS) vendors: Verifone and Ingenico. The affected devices are Verifone VX520, Verifone MX series, and the Ingenico Telium 2 series.

Through use of default passwords, we were able to execute arbitrary code through binary vulnerabilities (e.g., stack overflows, and buffer overflows). These PoS terminal weaknesses enable an attacker to send arbitrary packets, clone cards, clone terminals, and install persistent malware.

Download the whitepaper to learn more about our findings on PoS terminal security.

Get Whitepaper

Successfully submitted! Please check your email for the link to the whitepaper you requested.

Oops, something went wrong. Please try again.

If your download doesn't start automatically, please click

Validation failed! Please use the same browser and device that you used to fill out this form. You can also re-submit the form to receive a new download link.

Thank you for helping us keep your information up-to-date.

WhatWeDo.jpg

We Can Help

Our experts can help identify vulnerabilities and threats to keep your business secure.