Unrated severityNVD Advisory· Published Jul 3, 2023· Updated Oct 25, 2024
CVE-2023-36610
CVE-2023-36610
Description
The affected TBox RTUs generate software security tokens using insufficient entropy. The random seed used to generate the software tokens is not initialized correctly, and other parts of the token are generated using predictable time-based values. An attacker with this knowledge could successfully brute force the token and authenticate themselves.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.cisa.gov/news-events/ics-advisories/icsa-23-180-03mitregovernment-resource
News mentions
0No linked articles in our index yet.