Code injection

2022-07-2815:15:00

PRIOn knowledge base

www.prio-n.com

9.5 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

76.7%

JSON

An attacker may use TWinSoft and a malicious source project file (TPG) to extract files on machine executing Ovarro TWinSoft, which could lead to code execution.

CPENameOperatorVersion
tbox_lt2-530_firmwarelt1.46
tbox_lt2-532_firmwarelt1.46
tbox_lt2-540_firmwarelt1.46
tbox_ms-cpu32-s2_firmwarelt1.46
tbox_ms-cpu32_firmwarelt1.46
tbox_rm2_firmwarelt1.46
tbox_tg2_firmwarelt1.46
twinsoftlt12.4

Name	Operator	Version
tbox_lt2-530_firmware	lt	1.46
tbox_lt2-532_firmware	lt	1.46
tbox_lt2-540_firmware	lt	1.46
tbox_ms-cpu32-s2_firmware	lt	1.46
tbox_ms-cpu32_firmware	lt	1.46
tbox_rm2_firmware	lt	1.46
tbox_tg2_firmware	lt	1.46
twinsoft	lt	12.4

References

www.cisa.gov/uscert/ics/advisories/icsa-21-054-04