CVE-2021-22648

INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732
The TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file.

Read more: Claroty Uncovers Vulnerabilities in Ovarro TBox RTUs

Risk Information

  • CVE ID
  • CVE-2021-22648
  • Vendor
  • Ovarro
  • Product
  • TBox
  • CVSS v3
  • 8.8