Vulnerabilities > Ovarro > Tbox MS Cpu32 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-03 | CVE-2023-36609 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Ovarro products The affected TBox RTUs run OpenVPN with root privileges and can run user defined configuration scripts. | 7.2 |
| 2022-07-28 | CVE-2021-22642 | Resource Exhaustion vulnerability in Ovarro products An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system. | 7.5 |