Vulnerability Description
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCheckScanner.ocx for PUSB Thermal Receipt printers, SerialUSB Thermal Receipt printers, Hybrid POS printers with MICR, Value PUSB Receipt printers, and Value Serial/USB Receipt printers, aka ZDI-CAN-2507.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Ole Point Of Sale Driver | <= 1.13.001 |
| Hp | Hybrid Pos Printer With Micr Us Fk184Aa | All versions |
| Hp | Pusb Thermal Receipt Printer F7M67Aa | All versions |
| Hp | Pusb Thermal Receipt Printer Fk224Aa | All versions |
| Hp | Serialusb Thermal Receipt Printer Bm476Aa | All versions |
| Hp | Value Serial\/Usb Receipt Printer F7M66Aa | All versions |
References
- http://www.securitytracker.com/id/1031840
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c0Vendor Advisory
- http://www.securitytracker.com/id/1031840
- https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c0Vendor Advisory
FAQ
What is CVE-2014-7893?
CVE-2014-7893 is a vulnerability with a CVSS score of 10.0 (HIGH). The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSCheckScanner.ocx for PUSB Thermal Receip...
How severe is CVE-2014-7893?
CVE-2014-7893 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-7893?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Ole Point Of Sale Driver, Hp Hybrid Pos Printer With Micr Us Fk184Aa, Hp Pusb Thermal Receipt Printer F7M67Aa, Hp Pusb Thermal Receipt Printer Fk224Aa, Hp Serialusb Thermal Receipt Printer Bm476Aa.