CVE-2023-36611

🗓️ 03 Jul 2023 20:03:07Reported by icscertType

The TBox RTUs allow low privilege users to access security tokens of higher privilege

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2023-36611	4 Jul 202300:23	–	circl
CNNVD	Ovarro TBox RTUs 授权问题漏洞	3 Jul 202300:00	–	cnnvd
Cvelist	CVE-2023-36611	3 Jul 202320:03	–	cvelist
EUVD	EUVD-2023-40556	3 Oct 202520:07	–	euvd
ICS	Ovarro TBox RTUs	29 Jun 202306:00	–	ics
NVD	CVE-2023-36611	3 Jul 202321:15	–	nvd
Prion	Code injection	3 Jul 202321:15	–	prion
Vulnrichment	CVE-2023-36611	3 Jul 202320:03	–	vulnrichment

NVD

Vulners

Node

ovarro tbox_ms-cpu32_firmwareRange≤1.50.598

AND

ovarro tbox_ms-cpu32Match-

Node

ovarro tbox_ms-cpu32-s2_firmwareRange≤1.50.598

AND

ovarro tbox_ms-cpu32-s2Match-

Node

ovarro tbox_lt2_firmwareRange≤1.50.598

AND

ovarro tbox_lt2Match-

Node

ovarro tbox_tg2_firmwareRange≤1.50.598

AND

ovarro tbox_tg2Match-

Node

ovarro tbox_rm2_firmwareRange≤1.50.598

AND

ovarro tbox_rm2Match-

[
  {
    "defaultStatus": "unaffected",
    "product": "TBox MS-CPU32",
    "vendor": "Ovarro",
    "versions": [
      {
        "lessThanOrEqual": "1.50.598",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "TBox MS-CPU32-S2",
    "vendor": "Ovarro",
    "versions": [
      {
        "lessThanOrEqual": "1.50.598",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "TBox LT2",
    "vendor": "Ovarro",
    "versions": [
      {
        "lessThanOrEqual": "1.50.598",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "TBox TG2",
    "vendor": "Ovarro",
    "versions": [
      {
        "lessThanOrEqual": "1.50.598",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "TBox RM2",
    "vendor": "Ovarro",
    "versions": [
      {
        "lessThanOrEqual": "1.50.598",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/news-events/ics-advisories/icsa-23-180-03

21 Nov 2024 08:10Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.16.5

EPSS0.00097

SSVC

CWE-285