CVSS: 9.8EPSS: 0%CPEs: 15EXPL: 0CVE-2021-22640 – Ovarro TBox Insufficiently Protected Credentials
https://notcve.org/view.php?id=CVE-2021-22640
An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks. Un atacante puede descifrar la contraseña de inicio de sesión de Ovarro TBox mediante la captura de comunicaciones y ataques de fuerza bruta • https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04 • CWE-294: Authentication Bypass by Capture-replay CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2021-22642 – Ovarro TBox Uncontrolled Resource Consumption
https://notcve.org/view.php?id=CVE-2021-22642
An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system. Un atacante podría usar tramas Modbus no válidas especialmente diseñadas para bloquear el sistema Ovarro TBox • https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04 • CWE-400: Uncontrolled Resource Consumption •