Vulnerabilities > Ovarro > Tbox RM2 Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-03 | CVE-2023-36610 | Unspecified vulnerability in Ovarro products ?The affected TBox RTUs generate software security tokens using insufficient entropy. | 5.9 |
| 2023-07-03 | CVE-2023-36611 | Unspecified vulnerability in Ovarro products The affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. | 6.5 |
| 2023-07-03 | CVE-2023-3395 | Cleartext Storage of Sensitive Information vulnerability in Ovarro products ?All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in memory. | 6.5 |
| 2023-07-03 | CVE-2023-36608 | Unspecified vulnerability in Ovarro products The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure encryption algorithm. | 6.5 |
| 2023-06-29 | CVE-2023-36607 | Unspecified vulnerability in Ovarro products The affected TBox RTUs are missing authorization for running some API commands. | 5.3 |