How severe is CVE-2023-36609?

CVE-2023-36609 has a CVSS v3 score of 7.2 (HIGH).

CVE-2023-36609

7.2HIGH

The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could set up a local OpenVPN server and push a malicious script onto the TBox host

发布于: 7/3/2023更新于: 11/21/2024

描述

The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. An attacker could set up a local OpenVPN server and push a malicious script onto the TBox host to acquire root privileges.

AI分析AI驱动

受影响产品

ovarrotbox_ms-cpu32_firmware

ovarrotbox_ms-cpu32

ovarrotbox_ms-cpu32-s2_firmware

ovarrotbox_ms-cpu32-s2

ovarrotbox_lt2_firmware

ovarrotbox_lt2

ovarrotbox_tg2_firmware

ovarrotbox_tg2

ovarrotbox_rm2_firmware

ovarrotbox_rm2

参考资料

https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03
MitigationThird Party AdvisoryUS Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03
MitigationThird Party AdvisoryUS Government Resource