GCVE - cpe:2.3:o:verifone:mx900_firmware:30251000:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:verifone:mx900_firmware:30251000:*:*:*:*:*:*:*

part: o version: 30251000 update: *

Vendor	Verifone (`c87169cb-35fe-5cc3-87c5-b3f8df905092`)
Product	Mx900 Firmware (`c7a09e03-6fa3-5be1-a22b-3eaf0033c95f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2019-14719`	vulnerable	2026-06-03 14:39:46.401389	Details available Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager. Published: 2020-10-23T04:35:21.000Z Updated: 2024-08-05T00:26:38.509Z Open on db.gcve.eu Reference links https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-23/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-14718`	vulnerable	2026-06-03 14:39:46.401096	Details available Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation. Published: 2020-10-23T04:36:47.000Z Updated: 2024-08-05T00:26:38.334Z Open on db.gcve.eu Reference links https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-22/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-14713`	vulnerable	2026-06-03 14:39:46.395091	Details available Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages. Published: 2020-10-23T04:33:42.000Z Updated: 2024-08-05T00:26:38.377Z Open on db.gcve.eu Reference links https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-21/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-14711`	vulnerable	2026-06-03 14:39:46.391929	Details available Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass. Published: 2020-10-23T04:31:36.000Z Updated: 2024-08-05T00:26:38.671Z Open on db.gcve.eu Reference links https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2020-20/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Verifone MX900 Firmware 30251000

PURL mappings

Vulnerability references

Contribute