CVE-2023-3395 - OpenCVE

All versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in memory. An attacker with access to system files could open a file to load the document into memory, including sensitive information associated with document, such as password. The attacker could then obtain the plaintext password by using a memory viewer.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ovarro	Tbox Lt2 Tbox Lt2 Firmware Tbox Ms-cpu32 Tbox Ms-cpu32-s2 Tbox Ms-cpu32-s2 Firmware Tbox Ms-cpu32 Firmware Tbox Rm2 Tbox Rm2 Firmware Tbox Tg2 Tbox Tg2 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:ovarro:tbox_ms-cpu32_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ovarro:tbox_ms-cpu32:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:ovarro:tbox_ms-cpu32-s2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ovarro:tbox_ms-cpu32-s2:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:ovarro:tbox_lt2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ovarro:tbox_lt2:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:ovarro:tbox_tg2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ovarro:tbox_tg2:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:ovarro:tbox_rm2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:ovarro:tbox_rm2:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03

History

No history.

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-07-03T20:04:17.653Z

Updated: 2024-08-02T06:55:03.225Z

Reserved: 2023-06-23T20:42:39.795Z

Link: CVE-2023-3395

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-07-03T21:15:10.107

Modified: 2023-11-07T04:18:40.710

Link: CVE-2023-3395

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-3395", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2023-06-23T20:42:39.795Z", "datePublished": "2023-07-03T20:04:17.653Z", "dateUpdated": "2024-08-02T06:55:03.225Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TBox MS-CPU32", "vendor": "Ovarro", "versions": [{"lessThanOrEqual": "1.50.598", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "\u200bTBox MS-CPU32-S2", "vendor": "Ovarro", "versions": [{"lessThanOrEqual": "1.50.598", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "TBox LT2", "vendor": "Ovarro", "versions": [{"lessThanOrEqual": "1.50.598", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "TBox TG2", "vendor": "Ovarro", "versions": [{"lessThanOrEqual": "1.50.598", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "TBox RM2", "vendor": "Ovarro", "versions": [{"lessThanOrEqual": "1.50.598", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Floris Hendriks"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Jeroen Wijenbergh"}, {"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Radboud University"}], "datePublic": "2023-06-29T18:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<span style=\"background-color: rgb(255, 255, 255);\">\u200bAll versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in memory. An attacker with access to system files could open a file to load the document into memory, including sensitive information associated with document, such as password. The attacker could then obtain the plaintext password by using a memory viewer.</span>\n\n"}], "value": "\n\u200bAll versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in memory. An attacker with access to system files could open a file to load the document into memory, including sensitive information associated with document, such as password. The attacker could then obtain the plaintext password by using a memory viewer.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-256", "description": "CWE-256 Plaintext Storage of a Password", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-07-03T20:04:17.653Z"}, "references": [{"tags": ["government-resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:55:03.225Z"}, "title": "CVE Program Container", "references": [{"tags": ["government-resource", "x_transferred"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ovarro:tbox_ms-cpu32_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D7876F5D-AF54-468B-A201-36021E8FEC16", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ovarro:tbox_ms-cpu32:-:*:*:*:*:*:*:*", "matchCriteriaId": "0746C27E-6100-430A-8005-F71C8D24E827", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ovarro:tbox_ms-cpu32-s2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "08D95811-0B73-414E-A643-CF3AFBD1EAA8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ovarro:tbox_ms-cpu32-s2:-:*:*:*:*:*:*:*", "matchCriteriaId": "1753583A-93AC-4DBE-8E2C-A4816B8D1D11", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ovarro:tbox_lt2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BFF572B-11C8-4353-93F5-74D48A055B1A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ovarro:tbox_lt2:-:*:*:*:*:*:*:*", "matchCriteriaId": "AACB5343-6982-4BC9-8173-E62160DF4595", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ovarro:tbox_tg2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "402F6FF6-C9A7-400F-834E-407147689D07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ovarro:tbox_tg2:-:*:*:*:*:*:*:*", "matchCriteriaId": "551340E5-D721-40F1-8D14-CBF87A68BFB3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ovarro:tbox_rm2_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "35408F1E-B380-4EBD-AF41-1388F1C5999B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ovarro:tbox_rm2:-:*:*:*:*:*:*:*", "matchCriteriaId": "F73C576F-9BAB-4C8E-9B47-9C930B67C910", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\n\u200bAll versions of the TWinSoft Configuration Tool store encrypted passwords as plaintext in memory. An attacker with access to system files could open a file to load the document into memory, including sensitive information associated with document, such as password. The attacker could then obtain the plaintext password by using a memory viewer.\n\n"}], "id": "CVE-2023-3395", "lastModified": "2023-11-07T04:18:40.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2023-07-03T21:15:10.107", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-312"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-256"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}