CVE-2023-36607 CVE-2023-36607

🗓️ 29 Jun 2023 20:30:13Reported by icscertType

TBox RTUs missing authorization for API commands

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2023-36607	30 Jun 202300:14	–	circl
CNNVD	Ovarro TBox RTU 安全漏洞	29 Jun 202300:00	–	cnnvd
CVE	CVE-2023-36607	29 Jun 202320:30	–	cve
EUVD	EUVD-2023-40552	3 Oct 202520:07	–	euvd
ICS	Ovarro TBox RTUs	29 Jun 202306:00	–	ics
NVD	CVE-2023-36607	29 Jun 202321:15	–	nvd
OSV	CVE-2023-36607	29 Jun 202321:15	–	osv
Prion	Authorization	29 Jun 202321:15	–	prion
Positive Technologies	PT-2023-25628 · Tbox Rtus · Tbox Rtus	29 Jun 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-36607 CVE-2023-36607	29 Jun 202320:30	–	vulnrichment

[
  {
    "defaultStatus": "unaffected",
    "product": "TBox RM2",
    "vendor": "Ovarro",
    "versions": [
      {
        "lessThanOrEqual": "1.50.598",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "TBox TG2",
    "vendor": "Ovarro",
    "versions": [
      {
        "lessThanOrEqual": "1.50.598",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "TBox LT2",
    "vendor": "Ovarro",
    "versions": [
      {
        "lessThanOrEqual": "1.50.598",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "TBox MS-CPU32-S2",
    "vendor": "Ovarro",
    "versions": [
      {
        "lessThanOrEqual": "1.50.598",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "TBox MS-CPU32",
    "vendor": "Ovarro",
    "versions": [
      {
        "lessThanOrEqual": "1.50.598",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/news-events/ics-advisories/icsa-23-180-03

29 Jun 2023 20:30Current

5.6Medium risk

Vulners AI Score5.6

EPSS0.00395

CWE-862