Known Vulnerabilities for Tbox Lt2 by Ovarro
Listed below are 6 of the newest known vulnerabilities associated with "Tbox Lt2" by "Ovarro".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-36611 | The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an... | 6.5 - MEDIUM | 2023-07-03 | 2023-07-07 |
| CVE-2023-36610 | The affected TBox RTUs generate software security tokens using insufficient entropy. The random seed used to generate the... | 5.9 - MEDIUM | 2023-07-03 | 2023-11-07 |
| CVE-2023-36609 | The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could se... | 7.2 - HIGH | 2023-07-03 | 2023-07-10 |
| CVE-2023-36608 | The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure encryption algorithm. | 6.5 - MEDIUM | 2023-07-03 | 2023-07-10 |
| CVE-2023-36607 | The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reve... | 5.3 - MEDIUM | 2023-06-29 | 2023-07-07 |
| CVE-2023-3395 | All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in memory. An attacker with access... | 6.5 - MEDIUM | 2023-07-03 | 2023-11-07 |