CVE-2021-22646 Information

Description

The “ipk” package containing the configuration created by TWinSoft can be uploaded extracted and executed in Ovarro TBox allowing malicious code execution.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-21-054-04