{"vulnerability": "CVE-2021-2264", "sightings": [{"uuid": "40d6161f-bed6-43e8-8fc4-0aa87fc1eed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22648", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12264", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-22648\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file.\n\ud83d\udccf Published: 2022-07-28T14:18:45.000Z\n\ud83d\udccf Modified: 2025-04-17T15:48:58.949Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04", "creation_timestamp": "2025-04-17T15:57:47.000000Z"}, {"uuid": "4feeca9a-81d2-4a2d-8c3c-b33e9b6b0b1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22640", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12261", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-22640\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks.\n\ud83d\udccf Published: 2022-07-28T14:18:04.000Z\n\ud83d\udccf Modified: 2025-04-17T15:49:20.437Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04", "creation_timestamp": "2025-04-17T15:57:44.000000Z"}, {"uuid": "83c67d30-e80d-43fb-879d-5d594ae57b38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22646", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12269", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-22646\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The \u201cipk\u201d package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution.\n\ud83d\udccf Published: 2022-07-28T14:19:30.000Z\n\ud83d\udccf Modified: 2025-04-17T15:48:32.572Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04", "creation_timestamp": "2025-04-17T15:57:54.000000Z"}, {"uuid": "9c5b894b-b806-45b9-96c9-8c4f168baf2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22642", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12260", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-22642\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system.\n\ud83d\udccf Published: 2022-07-28T14:17:44.000Z\n\ud83d\udccf Modified: 2025-04-17T15:49:28.131Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04", "creation_timestamp": "2025-04-17T15:57:43.000000Z"}, {"uuid": "b51430fc-0b07-42a5-ab86-6a5e31b347a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22644", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12266", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-22644\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Ovarro TBox TWinSoft uses the custom hardcoded user \u201cTWinSoft\u201d with a hardcoded key.\n\ud83d\udccf Published: 2022-07-28T14:19:10.000Z\n\ud83d\udccf Modified: 2025-04-17T15:48:47.601Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04", "creation_timestamp": "2025-04-17T15:57:52.000000Z"}, {"uuid": "e174a367-e5d6-4ee9-a871-53c24107bd6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22640", "type": "seen", "source": "https://t.me/cibsecurity/47200", "content": "\u203c CVE-2021-22640 \u203c\n\nAn attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-28T18:12:27.000000Z"}, {"uuid": "8deb2269-077f-45da-8cf2-2c81ede56a1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22648", "type": "seen", "source": "https://t.me/cibsecurity/47203", "content": "\u203c CVE-2021-22648 \u203c\n\nOvarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-28T18:12:33.000000Z"}, {"uuid": "9a387b81-ea7e-4002-8edc-0a6c4387808e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22646", "type": "seen", "source": "https://t.me/cibsecurity/47201", "content": "\u203c CVE-2021-22646 \u203c\n\nThe \u00e2\u20ac\u0153ipk\u00e2\u20ac\ufffd package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-28T18:12:28.000000Z"}, {"uuid": "6e38f96a-9e15-471c-bdc2-4c066b80ae56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22644", "type": "seen", "source": "https://t.me/cibsecurity/47198", "content": "\u203c CVE-2021-22644 \u203c\n\nOvarro TBox TWinSoft uses the custom hardcoded user \u00e2\u20ac\u0153TWinSoft\u00e2\u20ac\ufffd with a hardcoded key.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-28T18:12:25.000000Z"}, {"uuid": "d4013268-cff8-4e67-a5b3-db4548f9edbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22647", "type": "seen", "source": "https://t.me/cibsecurity/23975", "content": "\u203c CVE-2021-22647 \u203c\n\nLuxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to multiple out-of-bounds write issues while processing project files, which may allow an attacker to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T07:34:27.000000Z"}, {"uuid": "983399cd-ee68-4f31-b55a-b4367f70bdd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22643", "type": "seen", "source": "https://t.me/cibsecurity/23977", "content": "\u203c CVE-2021-22643 \u203c\n\nLuxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T07:34:29.000000Z"}, {"uuid": "50c6c21d-914c-4cec-8321-ff3422dd3177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22645", "type": "seen", "source": "https://t.me/cibsecurity/23976", "content": "\u203c CVE-2021-22645 \u203c\n\nLuxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 are vulnerable to an attack because the .bip documents display a \u00e2\u20acœload\u00e2\u20ac\ufffd command, which can be pointed to a .dll from a remote network share. As a result, the .dll entry point can be executed without sufficient UI warning.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T07:34:28.000000Z"}, {"uuid": "a54669ad-dff3-4754-a88d-edf4418dc787", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22649", "type": "seen", "source": "https://t.me/cibsecurity/23973", "content": "\u203c CVE-2021-22649 \u203c\n\nLuxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion KeyShot Network Rendering versions prior to 10.1, and Luxion KeyVR versions prior to 10.1 have multiple NULL pointer dereference issues while processing project files, which may allow an attacker to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-23T07:34:26.000000Z"}, {"uuid": "283c27b1-39d8-405c-a98c-3fd0f5b9ca8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22641", "type": "seen", "source": "https://t.me/cibsecurity/22763", "content": "\u203c CVE-2021-22641 \u203c\n\nA heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-27T22:37:51.000000Z"}]}