CVE-2018-17769

Name of the Vulnerable Software and Affected Versions: Ingenico Telium 2 POS terminals versions prior to Telium 2 SDK v9.32.03 patch N

Description: The issue is a buffer overflow via the 0x26 command of the NTPT3 protocol. This protocol is used in Ingenico Telium 2 POS terminals. The buffer overflow can be exploited, but details about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited are not provided.

Recommendations: For versions prior to Telium 2 SDK v9.32.03 patch N, update to Telium 2 SDK v9.32.03 patch N to resolve the issue. As a temporary workaround, consider restricting access to the 0x26 command of the NTPT3 protocol until the patch is applied.