RTU
by TBox
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-36611 | 0.00 | — | 0.00 | Jul 3, 2023 | The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an attacker with “user” privileges to access files requiring higher privileges by establishing an SSH session and providing the other tokens. | |||
| CVE-2023-36610 | 0.00 | — | 0.00 | Jul 3, 2023 | The affected TBox RTUs generate software security tokens using insufficient entropy. The random seed used to generate the software tokens is not initialized correctly, and other parts of the token are generated using predictable time-based values. An attacker with this… | |||
| CVE-2020-10624 | 0.00 | — | 0.01 | Jun 26, 2020 | ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes a session token on the network. | |||
| CVE-2020-10628 | 0.00 | — | 0.01 | Jun 26, 2020 | ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes unencrypted passwords on the network. |
- CVE-2023-36611Jul 3, 2023risk 0.00cvss —epss 0.00
The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an attacker with “user” privileges to access files requiring higher privileges by establishing an SSH session and providing the other tokens.
- CVE-2023-36610Jul 3, 2023risk 0.00cvss —epss 0.00
The affected TBox RTUs generate software security tokens using insufficient entropy. The random seed used to generate the software tokens is not initialized correctly, and other parts of the token are generated using predictable time-based values. An attacker with this…
- CVE-2020-10624Jun 26, 2020risk 0.00cvss —epss 0.01
ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes a session token on the network.
- CVE-2020-10628Jun 26, 2020risk 0.00cvss —epss 0.01
ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R140, R150, and R151) exposes unencrypted passwords on the network.