CVE-2014-7890 — HIGH (10.0)

Q: How severe is CVE-2014-7890?

CVE-2014-7890 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2014-7890?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Ole Point Of Sale Driver, Hp Pos Keyboard Fk221Aa, Hp Pos Keyboard With Msr Fk218Aa.

Vulnerability Description

The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSToneIndicator.ocx for POS keyboards and POS keyboards with MSR, aka ZDI-CAN-2510.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Hp	Ole Point Of Sale Driver	<= 1.13.001
Hp	Pos Keyboard Fk221Aa	All versions
Hp	Pos Keyboard With Msr Fk218Aa	All versions

References

FAQ

What is CVE-2014-7890?

CVE-2014-7890 is a vulnerability with a CVSS score of 10.0 (HIGH). The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSToneIndicator.ocx for POS keyboards and ...

How severe is CVE-2014-7890?

CVE-2014-7890 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-7890?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Ole Point Of Sale Driver, Hp Pos Keyboard Fk221Aa, Hp Pos Keyboard With Msr Fk218Aa.