CVE-2020-36128 : Security Advisory and Response

Pax Technology PAXSTORE v7.0.8_20200511171508 and lower versions are affected by a token spoofing vulnerability that allows attackers to impersonate payment terminals.

Understanding CVE-2020-36128

Pax Technology PAXSTORE v7.0.8_20200511171508 and lower versions are susceptible to a token spoofing vulnerability.

What is CVE-2020-36128?

The vulnerability in Pax Technology PAXSTORE allows attackers to intercept HTTPS traffic and craft X-Terminal-Token to authenticate their own payment terminals in the application store.

The Impact of CVE-2020-36128

This vulnerability enables attackers to impersonate payment terminals, potentially leading to unauthorized access and fraudulent activities.

Technical Details of CVE-2020-36128

Pax Technology PAXSTORE v7.0.8_20200511171508 and lower versions are affected by a token spoofing vulnerability.

Vulnerability Description

Each payment terminal has a session token (X-Terminal-Token) to access the marketplace.
Attackers can intercept HTTPS traffic to collect the request assigning X-Terminal-Token, allowing them to impersonate other devices.

Affected Systems and Versions

Product: Pax Technology PAXSTORE
Vendor: Pax Technology
Versions affected: v7.0.8_20200511171508 and lower

Exploitation Mechanism

By intercepting HTTPS traffic, attackers can collect the X-Terminal-Token assignment request and impersonate other payment terminals.

Mitigation and Prevention

Immediate Steps to Take:

Monitor HTTPS traffic for any suspicious activities.
Implement encryption and secure communication protocols.
Regularly update and patch the PAXSTORE software. Long-Term Security Practices:
Conduct regular security audits and penetration testing.
Educate users on secure practices and awareness.
Implement multi-factor authentication and access controls.
Stay informed about security updates and best practices.