Point of Sale Honeywell buffer overflow attack

Honeywell Point Of Sale(POS) systems – like the Dolphin Scanners:

The components of Honeywell’s software (OLE for Retail POS systems to be exact) seem to be susceptible to buffer overflow attacks.

Threatpost blogpost

Relevant paragraph:

“The Honeywell OPOS Suite provides a standard programming interface that allows POS hardware to be easily integrated into retail POS systems based on Microsoft Windows operating systems. Honeywell OPOS Suite versions prior to version 1.13.4.15 are vulnerable to stack buffer overflows in HWOPOSScale.ocx and HWOPOSSCANNER.ocx,” the Honeywell advisory says.
dolphin-honeywellHoneywell Dolphin 70e barcode reader
So it is important to check your POS system software for vulnerabilities such as buffer overflows.  The problem is that POS systems typically are not as secure as standard corporate computers.
This is typical of hackers they will find the crack in the dam such as the Target and Home Depot breaches, as specifically designed malware for POS systems.
It is important for your POS systems to be reviewed periodically as part of an audit program.  Internal as well as external.
Fixvirus.com can help with an external audit

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.