CVE-2021-22646 (GCVE-0-2021-22646)

Vulnerability from cvelistv5 – Published: 2022-07-28 14:19 – Updated: 2025-04-17 15:48
VLAI
Title
Ovarro TBox Code Injection
Summary
The “ipk” package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution.
Severity
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CVE-94
Assigner
References
Impacted products
Vendor Product Version
Ovarro TBox Affected: LT2
Affected: MS-CPU32
Affected: MS-CPU32-S2
Affected: RM2
Affected: TG2
Create a notification for this product.
Credits
Uri Katz of Claroty reported these vulnerabilities to CISA.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:44:14.053Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-22646",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-17T14:31:45.595869Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-17T15:48:32.572Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "TBox",
          "vendor": "Ovarro",
          "versions": [
            {
              "status": "affected",
              "version": "LT2"
            },
            {
              "status": "affected",
              "version": "MS-CPU32"
            },
            {
              "status": "affected",
              "version": "MS-CPU32-S2"
            },
            {
              "status": "affected",
              "version": "RM2"
            },
            {
              "status": "affected",
              "version": "TG2"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Uri Katz of Claroty reported these vulnerabilities to CISA."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The \u201cipk\u201d package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CVE-94",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-28T14:19:30.000Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Ovarro recommends affected users update to 12.5 or later of TWinSoft to mitigate these vulnerabilities.\n\nThe latest version can be found on www.ovarro.com in the customer support section (service portal)."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Ovarro TBox Code Injection",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2021-22646",
          "STATE": "PUBLIC",
          "TITLE": "Ovarro TBox Code Injection"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "TBox",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "LT2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "MS-CPU32"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "MS-CPU32-S2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "RM2"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "TG2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Ovarro"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Uri Katz of Claroty reported these vulnerabilities to CISA."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The \u201cipk\u201d package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CVE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04",
              "refsource": "CONFIRM",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Ovarro recommends affected users update to 12.5 or later of TWinSoft to mitigate these vulnerabilities.\n\nThe latest version can be found on www.ovarro.com in the customer support section (service portal)."
          }
        ],
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2021-22646",
    "datePublished": "2022-07-28T14:19:30.000Z",
    "dateReserved": "2021-01-05T00:00:00.000Z",
    "dateUpdated": "2025-04-17T15:48:32.572Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-22646",
      "date": "2026-05-28",
      "epss": "0.00993",
      "percentile": "0.77198"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ovarro:twinsoft:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"12.4\", \"matchCriteriaId\": \"B79BE17A-7179-430C-B8FD-C2F72EB23DBF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ovarro:tbox_lt2-530_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.46\", \"matchCriteriaId\": \"0DECA4DF-4FFE-42BC-94CE-490C1D2370B2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ovarro:tbox_lt2-530:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"86E78A8D-9B20-4162-81EA-E707224DA475\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ovarro:tbox_lt2-532_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.46\", \"matchCriteriaId\": \"B7D10411-651E-44DD-8C98-25CF7E183EAB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ovarro:tbox_lt2-532:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B08843AE-E7C3-44AD-9800-6EEEA00C1D60\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ovarro:tbox_lt2-540_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.46\", \"matchCriteriaId\": \"B7045481-F093-404D-B9E1-832D4EBA8712\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ovarro:tbox_lt2-540:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"54D1B1BD-E3FF-4F4E-9248-0472BF3A4524\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ovarro:tbox_ms-cpu32_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.46\", \"matchCriteriaId\": \"25B291F2-EE60-4C51-BD3B-6233292EC144\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ovarro:tbox_ms-cpu32:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0746C27E-6100-430A-8005-F71C8D24E827\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ovarro:tbox_ms-cpu32-s2_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.46\", \"matchCriteriaId\": \"959C6D18-D3B9-4819-945D-CD46251C63F2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ovarro:tbox_ms-cpu32-s2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1753583A-93AC-4DBE-8E2C-A4816B8D1D11\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ovarro:tbox_rm2_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.46\", \"matchCriteriaId\": \"399E43B9-311F-428A-B924-44CF833634AF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ovarro:tbox_rm2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F73C576F-9BAB-4C8E-9B47-9C930B67C910\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:ovarro:tbox_tg2_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.46\", \"matchCriteriaId\": \"B9786858-CD7C-4F05-A266-1C5C6AC46256\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:ovarro:tbox_tg2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"551340E5-D721-40F1-8D14-CBF87A68BFB3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The \\u201cipk\\u201d package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution.\"}, {\"lang\": \"es\", \"value\": \"El paquete \\\"ipk\\\" que contiene la configuraci\\u00f3n creada por TWinSoft puede ser cargado, extra\\u00eddo y ejecutado en Ovarro TBox, permitiendo la ejecuci\\u00f3n de c\\u00f3digo malicioso\"}]",
      "id": "CVE-2021-22646",
      "lastModified": "2024-11-21T05:50:22.847",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
      "published": "2022-07-28T15:15:07.367",
      "references": "[{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-22646\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2022-07-28T15:15:07.367\",\"lastModified\":\"2025-04-17T16:15:22.370\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The \u201cipk\u201d package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution.\"},{\"lang\":\"es\",\"value\":\"El paquete \\\"ipk\\\" que contiene la configuraci\u00f3n creada por TWinSoft puede ser cargado, extra\u00eddo y ejecutado en Ovarro TBox, permitiendo la ejecuci\u00f3n de c\u00f3digo malicioso\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ovarro:twinsoft:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"12.4\",\"matchCriteriaId\":\"B79BE17A-7179-430C-B8FD-C2F72EB23DBF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ovarro:tbox_lt2-530_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.46\",\"matchCriteriaId\":\"0DECA4DF-4FFE-42BC-94CE-490C1D2370B2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ovarro:tbox_lt2-530:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86E78A8D-9B20-4162-81EA-E707224DA475\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ovarro:tbox_lt2-532_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.46\",\"matchCriteriaId\":\"B7D10411-651E-44DD-8C98-25CF7E183EAB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ovarro:tbox_lt2-532:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B08843AE-E7C3-44AD-9800-6EEEA00C1D60\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ovarro:tbox_lt2-540_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.46\",\"matchCriteriaId\":\"B7045481-F093-404D-B9E1-832D4EBA8712\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ovarro:tbox_lt2-540:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54D1B1BD-E3FF-4F4E-9248-0472BF3A4524\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ovarro:tbox_ms-cpu32_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.46\",\"matchCriteriaId\":\"25B291F2-EE60-4C51-BD3B-6233292EC144\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ovarro:tbox_ms-cpu32:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0746C27E-6100-430A-8005-F71C8D24E827\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ovarro:tbox_ms-cpu32-s2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.46\",\"matchCriteriaId\":\"959C6D18-D3B9-4819-945D-CD46251C63F2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ovarro:tbox_ms-cpu32-s2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1753583A-93AC-4DBE-8E2C-A4816B8D1D11\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ovarro:tbox_rm2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.46\",\"matchCriteriaId\":\"399E43B9-311F-428A-B924-44CF833634AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ovarro:tbox_rm2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F73C576F-9BAB-4C8E-9B47-9C930B67C910\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ovarro:tbox_tg2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.46\",\"matchCriteriaId\":\"B9786858-CD7C-4F05-A266-1C5C6AC46256\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ovarro:tbox_tg2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"551340E5-D721-40F1-8D14-CBF87A68BFB3\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T18:44:14.053Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-22646\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-17T14:31:45.595869Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-17T14:31:46.913Z\"}}], \"cna\": {\"title\": \"Ovarro TBox Code Injection\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"Uri Katz of Claroty reported these vulnerabilities to CISA.\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Ovarro\", \"product\": \"TBox\", \"versions\": [{\"status\": \"affected\", \"version\": \"LT2\"}, {\"status\": \"affected\", \"version\": \"MS-CPU32\"}, {\"status\": \"affected\", \"version\": \"MS-CPU32-S2\"}, {\"status\": \"affected\", \"version\": \"RM2\"}, {\"status\": \"affected\", \"version\": \"TG2\"}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Ovarro recommends affected users update to 12.5 or later of TWinSoft to mitigate these vulnerabilities.\\n\\nThe latest version can be found on www.ovarro.com in the customer support section (service portal).\"}], \"references\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The \\u201cipk\\u201d package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"CVE-94\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2022-07-28T14:19:30.000Z\"}, \"x_legacyV4Record\": {\"credit\": [{\"lang\": \"eng\", \"value\": \"Uri Katz of Claroty reported these vulnerabilities to CISA.\"}], \"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, \"source\": {\"discovery\": \"EXTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"LT2\", \"version_affected\": \"=\"}, {\"version_value\": \"MS-CPU32\", \"version_affected\": \"=\"}, {\"version_value\": \"MS-CPU32-S2\", \"version_affected\": \"=\"}, {\"version_value\": \"RM2\", \"version_affected\": \"=\"}, {\"version_value\": \"TG2\", \"version_affected\": \"=\"}]}, \"product_name\": \"TBox\"}]}, \"vendor_name\": \"Ovarro\"}]}}, \"solution\": [{\"lang\": \"en\", \"value\": \"Ovarro recommends affected users update to 12.5 or later of TWinSoft to mitigate these vulnerabilities.\\n\\nThe latest version can be found on www.ovarro.com in the customer support section (service portal).\"}], \"data_type\": \"CVE\", \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"references\": {\"reference_data\": [{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04\", \"name\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"The \\u201cipk\\u201d package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CVE-94\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2021-22646\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Ovarro TBox Code Injection\", \"ASSIGNER\": \"ics-cert@hq.dhs.gov\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-22646\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-17T15:48:32.572Z\", \"dateReserved\": \"2021-01-05T00:00:00.000Z\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"datePublished\": \"2022-07-28T14:19:30.000Z\", \"assignerShortName\": \"icscert\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.