× Business
TelecomHealthcareDigital MarketingERPRetailMedia and EntertainmentOil and GasFood and BeveragesMarketing and AdvertisingBanking and Insurance
Technology
Big DataCloudIT ServiceSoftwareMobileSecurityNetworkingStorageCyber SecuritySAPData AnalysisloTBio Tech
Platform
Cisco DATABASE Google IBM Juniper Microsoft M2M Oracle Red hat Saas SYMANTEC
Leadership
CEO ReviewCMO ReviewCFO ReviewCompany Review
Magazines
US INDIA ASIA ARCHIVE
Startups Opinion Yearbook Readers Speak Contact Us

Oracle's Micros POS breach can jeopardize business data

siliconreview Oracle's Micros POS breach can jeopardize business data

A massive-risk security bug in Oracle’s Micros point of sale systems that was discovered by ERPScan security researcher Dmitry Chastuhin has the potential to put the business data at risk.

Security attacks have become a most common and critical problem in recent times. Breaches in point of the sale payment terminal have been the breeding grounds for hackers. Last year, Forever 21 had to face the wrath of this attack, putting thousands of customers’ credentials at risk.

The vulnerability in Oracle Micros, allows a hacker to gain unauthenticated read and write access to the point of sale server’s database, thereby leveraging to compromise and download a company’s complete business data.

The flaw has acquired 8.1 score of 10 for its highly hazardous nature. It means that the security issue is dangerous and must be patched primarily or an attacker will be able to read any file and receive information about various services without authentication from a vulnerable MICROS workstation.

The researchers stated further that the flaw can be exploited by those, like an employee who has the access to flawed micros point of sale device. The attacker can snatch DB usernames and password hashes, brute them and gain full access to the DB with all business data. There are several ways of its exploitation, leading to the whole MICROS system compromise.

Oracle has confirmed that vulnerability is severe and said that complexity of the attack is intense. However, the tech giant has said that it has fixed the flaw, as part of its quarterly patching schedule.

YOU MIGHT ALSO LIKE::

ENROLL FOR UPCOMING ISSUE