Filtered by vendor Ovarro Subscriptions
Filtered by product Tbox Lt2-530 Firmware Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-22650 1 Ovarro 15 Tbox Lt2-530, Tbox Lt2-530 Firmware, Tbox Lt2-532 and 12 more 2024-11-21 7.5 High
An attacker may use TWinSoft and a malicious source project file (TPG) to extract files on machine executing Ovarro TWinSoft, which could lead to code execution.
CVE-2021-22648 1 Ovarro 15 Tbox Lt2-530, Tbox Lt2-530 Firmware, Tbox Lt2-532 and 12 more 2024-11-21 8.8 High
Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file.
CVE-2021-22646 1 Ovarro 15 Tbox Lt2-530, Tbox Lt2-530 Firmware, Tbox Lt2-532 and 12 more 2024-11-21 8.8 High
The “ipk” package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution.
CVE-2021-22644 1 Ovarro 15 Tbox Lt2-530, Tbox Lt2-530 Firmware, Tbox Lt2-532 and 12 more 2024-11-21 7.5 High
Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key.
CVE-2021-22642 1 Ovarro 15 Tbox Lt2-530, Tbox Lt2-530 Firmware, Tbox Lt2-532 and 12 more 2024-11-21 7.5 High
An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system.
CVE-2021-22640 1 Ovarro 15 Tbox Lt2-530, Tbox Lt2-530 Firmware, Tbox Lt2-532 and 12 more 2024-11-21 7.5 High
An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks.