CVE-2014-7892

EPSS 28.81%
Published 09.03.2015 17:59:04
Last modified 12.04.2025 10:46:40
Source hp-security-alert@hp.com
Teams watchlist Login
Open Login

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSMSR.ocx for Mini MSR magnetic stripe readers, Retail Integrated Dual-Head MSR magnetic stripe readers, Integrated Single Head MSR w/o SRED magnetic stripe readers, Integrated Single Head w/o MSR SRED magnetic stripe readers, RP7 Single Head MSR w/o SRED magnetic stripe readers, POS keyboards, and POS keyboards with MSR, aka ZDI-CAN-2508.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Hp ≫ Ole Point Of Sale Driver Version <= 1.13.001

   Hp ≫ Mini Msr Fk186aa
   Hp ≫ Pos Keyboard Fk221aa Version-
   Hp ≫ Pos Keyboard With Msr Fk218aa Version-
   Hp ≫ Retail Integrated Dual-head Msr Qz673aa

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	28.81%	0.964

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://www.securitytracker.com/id/1031840

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04583185

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-7892

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-7892

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-7892

EUVD