CVE-2018-15809
Pending
AccuPOS, Inc.
AccuPOS
The AccuPOS Point Of Sale Application is installed with the insecure "Authenticated Users: Modify" permission for files within the installation path. This may allow local attackers to compromise the integrity of critical resource and executable files.
AccuPOS has not remediated the vulnerability.
- 02-27-2018 - Disclosed to Vendor
- 03-27-2018 - Follow up via Email
- 04-09-2018 - No response from vendor
- 06-03-2018 - Publicly disclosed at BSides ATL
VerSprite Security Research Team