Lucene search
IcscertCVELIST:CVE-2021-22650HistoryJul 28, 2022 - 2:18 p.m.
CVE-2021-22650 Ovarro TBox Relative Path Traversal
2022-07-2814:18:25
icscert
www.cve.org
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
9.8 High
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.7%
An attacker may use TWinSoft and a malicious source project file (TPG) to extract files on machine executing Ovarro TWinSoft, which could lead to code execution.
CNA Affected
[
{
"product": "TBox",
"vendor": "Ovarro",
"versions": [
{
"status": "affected",
"version": "LT2"
},
{
"status": "affected",
"version": "MS-CPU32"
},
{
"status": "affected",
"version": "MS-CPU32-S2"
},
{
"status": "affected",
"version": "RM2"
},
{
"status": "affected",
"version": "TG2"
}
]
}
]Related
cve
cve
CVE-2021-22650
2022-07-28 15:15:07
nvd
nvd
CVE-2021-22650
2022-07-28 15:15:07
prion
prion
Code injection
2022-07-28 15:15:00
ics
ics
Ovarro TBox (Update A)
2021-09-23 12:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
9.8 High
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.7%
Related for CVELIST:CVE-2021-22650