Bugcrowd: Most Retail Hardware Bug Bounty Flaws Are Critical

guest · Oct 29, 2019

Most Retail Hardware Bug Bounty Flaws Are Critical
Overall, across all retail programs, more than 18 percent of all bug bounty submissions are critical in severity
October 29, 2019
https://threatpost.com/threatlist-most-retail-hardware-pos-flaws-are-critical/149609/

Almost all of hardware vulnerabilities – 90 percent – that were submitted to retail bug bounty programs so far this year were categorized as critical, showing that Point of Sale systems and other retail hardware assets remain a serious security issue.

That’s due to the fact that retail hardware assets often lack built-in security features. Hardware assets often require manual updates (which can’t be done at scale, making it more difficult and time-consuming to patch systems) and are generally short on processing power and memory (meaning standard encryption protocols are frequently forgone by manufacturers), according to Bugcrowd’s 2019 State of Retail Cybersecurity report, released Tuesday.

“Hardware targets… tend to receive fewer submissions, but far outweigh other asset types in percentage of high-impact findings for this industry,” according to Bugcrowd’s report. “Such an imbalance may be the result of programmatic factors unique to each retailer, but there are several macroeconomic factors at play as well.”
Click to expand...

Bugcrowd: State of Retail Cybersecurity: Saying IDONT to IDOR this Holiday Season

Log in or Sign up

Bugcrowd: Most Retail Hardware Bug Bounty Flaws Are Critical

guest Guest

Log in or Sign up

Bugcrowd: Most Retail Hardware Bug Bounty Flaws Are Critical

guest Guest

Useful Searches