CVE-2021-22650

Summary

An attacker may use TWinSoft and a malicious source project file (TPG) to extract files on machine executing Ovarro TWinSoft, which could lead to code execution.

Affected Software

VendorProductVersion RangeStatus
OvarroTBoxLT2affected
OvarroTBoxMS-CPU32affected
OvarroTBoxMS-CPU32-S2affected
OvarroTBoxRM2affected
OvarroTBoxTG2affected

Weaknesses

  • CVE-23

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References