CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-36609

The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could set up a local OpenVPN server and push a malicious script onto the TBox host to acquire root privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.8%

CVSS Severity

CVSS v3 Score 7.2

References

Products affected by CVE-2023-36609

Ovarro » Tbox Lt2 » Version: N/A

cpe:2.3:h:ovarro:tbox_lt2:-
Ovarro » Tbox Ms-Cpu32-S2 » Version: N/A

cpe:2.3:h:ovarro:tbox_ms-cpu32-s2:-
Ovarro » Tbox Ms-Cpu32 » Version: N/A

cpe:2.3:h:ovarro:tbox_ms-cpu32:-
Ovarro » Tbox Rm2 » Version: N/A

cpe:2.3:h:ovarro:tbox_rm2:-
Ovarro » Tbox Tg2 » Version: N/A

cpe:2.3:h:ovarro:tbox_tg2:-
Ovarro » Tbox Lt2 Firmware » Version: N/A

cpe:2.3:o:ovarro:tbox_lt2_firmware:-
Ovarro » Tbox Lt2 Firmware » Version: 1.46

cpe:2.3:o:ovarro:tbox_lt2_firmware:1.46
Ovarro » Tbox Lt2 Firmware » Version: 1.50.598

cpe:2.3:o:ovarro:tbox_lt2_firmware:1.50.598
Ovarro » Tbox Ms-Cpu32-S2 Firmware » Version: N/A

cpe:2.3:o:ovarro:tbox_ms-cpu32-s2_firmware:-
Ovarro » Tbox Ms-Cpu32 Firmware » Version: N/A

cpe:2.3:o:ovarro:tbox_ms-cpu32_firmware:-
Ovarro » Tbox Rm2 Firmware » Version: N/A

cpe:2.3:o:ovarro:tbox_rm2_firmware:-
Ovarro » Tbox Tg2 Firmware » Version: N/A

cpe:2.3:o:ovarro:tbox_tg2_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-36609

Products

Pricing

Contact Us