5 matches found
CVE-2023-36611
creationtimestamp| type| source ---|---|--- 2023-07-04 00:23:06+00:00| seen| https://t.me/cibsecurity/65895...
CVE-2023-36611
The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an attacker with “user” privileges to access files requiring higher privileges by establishing an SSH session and providing the other tokens...
CVE-2023-36611
The CVE-2023-36611 issue affects Ovarro TBox RTUs and is described as an improper authorization vulnerability: low-privilege (user) access can reach higher-privilege software security tokens, potentially allowing access to files requiring higher privileges via SSH and token provisioning. Affected...
CVE-2023-36611
The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an attacker with “user” privileges to access files requiring higher privileges by establishing an SSH session and providing the other tokens...
Ovarro TBox RTUs
1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Ovarro Equipment: TBox RTUs Vulnerabilities: Missing Authorization, Use of Broken or Risky Cryptographic Algorithm, Inclusion of Functionality from Untrusted Control Sphere, Insufficient Entropy,...