![]() Claroty also discovered denial-of-service, memory corruption, and security bypass vulnerabilities in TBox.Claroty researchers found vulnerabilities in implementations of Ovarro’s proprietary version of the Modbus protocol, allowing them to modify ipk update packages with malicious code.TBox RTUs have a web interface that is used for remote automation and monitoring of assets in a number of critical infrastructure sectors.ICS-CERT has published an advisory with technical details for all affected products, as well as mitigation advice.All TBox models are affected, as are all versions prior to TWinSoft 12.4. ![]() ![]() All users are urged to update immediately. Ovarro has patched all of the vulnerabilities privately disclosed by Claroty in TBox firmware version 1.46 and TWinSOft version 12.4.The Claroty Research Team found and disclosed vulnerabilities affecting Ovarro’s TBox remote terminal units (RTUs) and its TWinSoft engineering software that left these devices exposed to the internet and unprotected from threat actors, regardless of their capabilities. By Uri Katz and Sharon Brizinov | March 23, 2021
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |