CVE-2021-22648
INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732
The TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file.
Read more: Claroty Uncovers Vulnerabilities in Ovarro TBox RTUs
Risk Information
- CVE ID
- CVE-2021-22648
- Vendor
- Ovarro
- Product
- TBox
- CVSS v3
- 8.8