Check Point discloses vulnerability in eBay's Magneto platform
A recently discovered critical remote code execution vulnerability could have allowed attackers to compromise nearly 200,000 online eBay shops.
Check Point Software Technologies said in a press release that any online store based on eBay's Magneto platform could have been compromised. Along with gaining access to stores' databases that contain credit card data, as well as customer financial and personal data, successful attackers would be able bypass security measures and control the store entirely.
The company disclosed the vulnerability along with a list of possible fixes to eBay before its disclosure. eBay issued a patch for the flaws on February 9.
Shahar Tal, malware and vulnerability research manager at Check Point, said in the press release that impacted stores represent approximately 30 percent of the eCommerce market.