Details of VAR-202104-1978

ID

VAR-202104-1978

TITLE

ATO Tech’s NATouch touch screen configuration software has an information disclosure vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-21765

DESCRIPTION

Autotop Technology Co., Ltd. (hereinafter referred to as “Atop Technology”), the company's products with independent intellectual property rights cover programmable controllers, man-machine interfaces, configuration software, etc. There is an information disclosure vulnerability in the NATouch touch screen configuration software of Autotech. Attackers can use vulnerabilities to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-21765

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-21765

AFFECTED PRODUCTS

vendor:

autotop

model:

natouch touch screen configuration software

scope:

version:

1.0.0.6

Trust: 0.6

sources: CNVD: CNVD-2021-21765

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-21765
value:	LOW
Trust: 0.6

CNVD:	CNVD-2021-21765
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-21765

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-21765

Trust: 0.6

sources: CNVD: CNVD-2021-21765

SOURCES

db:

CNVD

id:

CNVD-2021-21765

LAST UPDATE DATE

2022-05-04T09:46:01.333000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-21765

date:

2021-03-23T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-21765

date:

2021-04-15T00:00:00