PT-2020-23: Multiple arbitrary command injections (file manager, etc.) Verifone MX900 Severity level Severity level: Medium Impact: Multiple arbitrary command injections (file manager, etc.) Access Vector: Remote CVSS v3.1: Base Score: 6.3 Vector: (AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L) CVE-2019-14719 Advisory status 01.10.2019 - Vendor gets vulnerability details 01.08.2020 - Vendor releases fixed version and details Credits The vulnerability was detected by Alex Stennikov, Dmitry Sklyarov, Egor Zaitsev, Positive Research Center (Positive Technologies Company)