Known Vulnerabilities for Twinsoft by Ovarro
Listed below are 6 of the newest known vulnerabilities associated with "Twinsoft" by "Ovarro".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-22650 | An attacker may use TWinSoft and a malicious source project file (TPG) to extract files on machine executing Ovarro TWinSoft,... | 9.8 - CRITICAL | 2022-07-28 | 2022-08-04 |
| CVE-2021-22648 | Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file. | 9.8 - CRITICAL | 2022-07-28 | 2022-08-04 |
| CVE-2021-22646 | The “ipk” package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBo... | 9.8 - CRITICAL | 2022-07-28 | 2022-08-04 |
| CVE-2021-22644 | Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key. | 9.8 - CRITICAL | 2022-07-28 | 2022-08-04 |
| CVE-2021-22642 | An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system. | 7.5 - HIGH | 2022-07-28 | 2022-08-04 |
| CVE-2021-22640 | An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks. | 9.8 - CRITICAL | 2022-07-28 | 2023-08-08 |