Known Vulnerabilities for products from Ovarro
Listed below are 12 of the newest known vulnerabilities associated with the vendor "Ovarro".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-36611 | The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an... | 6.5 - MEDIUM | 2023-07-03 | 2023-07-07 |
| CVE-2023-36610 | The affected TBox RTUs generate software security tokens using insufficient entropy. The random seed used to generate the... | 5.9 - MEDIUM | 2023-07-03 | 2023-11-07 |
| CVE-2023-36609 | The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could se... | 7.2 - HIGH | 2023-07-03 | 2023-07-10 |
| CVE-2023-36608 | The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure encryption algorithm. | 6.5 - MEDIUM | 2023-07-03 | 2023-07-10 |
| CVE-2023-36607 | The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reve... | 5.3 - MEDIUM | 2023-06-29 | 2023-07-07 |
| CVE-2023-3395 | All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in memory. An attacker with access... | 6.5 - MEDIUM | 2023-07-03 | 2023-11-07 |
| CVE-2021-22650 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-07-28 | 2022-08-04 |
| CVE-2021-22648 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-07-28 | 2022-08-04 |
| CVE-2021-22646 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-07-28 | 2022-08-04 |
| CVE-2021-22644 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-07-28 | 2022-08-04 |
| CVE-2021-22642 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-07-28 | 2022-08-04 |
| CVE-2021-22640 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-07-28 | 2023-08-08 |