How severe is CVE-2023-36609?

CVE-2023-36609 has a CVSS v3 score of 7.2 (HIGH).

CVE-2023-36609

7.2HIGH

The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could set up a local OpenVPN server and push a malicious script onto the TBox host

게시됨: 7/3/2023업데이트됨: 11/21/2024

설명

The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could set up a local OpenVPN server and push a malicious script onto the TBox host to acquire root privileges.

AI 분석AI 기반

영향받는 제품

ovarrotbox_ms-cpu32_firmware

ovarrotbox_ms-cpu32

ovarrotbox_ms-cpu32-s2_firmware

ovarrotbox_ms-cpu32-s2

ovarrotbox_lt2_firmware

ovarrotbox_lt2

ovarrotbox_tg2_firmware

ovarrotbox_tg2

ovarrotbox_rm2_firmware

ovarrotbox_rm2

참조

https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03
MitigationThird Party AdvisoryUS Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03
MitigationThird Party AdvisoryUS Government Resource