Page 2 of 12 results (0.002 seconds)

CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 0

The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information such as software versions and web server file contents. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03 • CWE-862: Missing Authorization •

CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 0

The “ipk” package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution. El paquete "ipk" que contiene la configuración creada por TWinSoft puede ser cargado, extraído y ejecutado en Ovarro TBox, permitiendo la ejecución de código malicioso • https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04 •

CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 0

Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key. Ovarro TBox TWinSoft usa el usuario personalizado "TWinSoft" con una clave embebida • https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04 • CWE-798: Use of Hard-coded Credentials •

CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 0

Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file. Las funciones de acceso a archivos Modbus propietarias de Ovarro TBox permiten a atacantes leer, alterar o eliminar el archivo de configuración • https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 0

An attacker may use TWinSoft and a malicious source project file (TPG) to extract files on machine executing Ovarro TWinSoft, which could lead to code execution. Un atacante puede usar TWinSoft y un archivo de proyecto fuente malicioso (TPG) para extraer archivos en la máquina que ejecuta Ovarro TWinSoft, lo que podría conllevar a una ejecución de código • https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •