CVE-2024-3980
- EPSS 0.48%
- Veröffentlicht 27.08.2024 13:15:05
- Zuletzt bearbeitet 30.10.2024 15:33:12
The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names that are used in filesystem operations. If exploited the vulnerability allows the attacker to access or modify system files or other fi...
CVE-2024-4872
- EPSS 0.37%
- Veröffentlicht 27.08.2024 13:15:05
- Zuletzt bearbeitet 30.10.2024 15:31:41
A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker to inject code towards persistent data. Note that to successfully exploit this vulnerability an attacker mu...
CVE-2022-3388
- EPSS 0.46%
- Veröffentlicht 21.11.2022 19:15:13
- Zuletzt bearbeitet 23.07.2025 21:15:25
An input validation vulnerability exists in the Monitor Pro interface of MicroSCADA Pro and MicroSCADA X SYS600. An authenticated user can launch an administrator level remote code execution irrespective of the authenticated user's role.
CVE-2019-5620
- EPSS 79.33%
- Veröffentlicht 29.04.2020 23:15:13
- Zuletzt bearbeitet 21.11.2024 04:45:15
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication for Critical Function.