The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information such as software versions and web server file contents.
References
Link | Resource |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03 | Mitigation Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2023-06-29T20:30:13.093Z
Updated: 2023-06-29T20:30:13.093Z
Reserved: 2023-06-23T20:39:08.360Z
Link: CVE-2023-36607
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-29T21:15:09.917
Modified: 2023-07-07T18:43:19.817
Link: CVE-2023-36607
JSON object: View
Redhat Information
No data.
CWE