Myscada

Mypro

28 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2025-35941

  • EPSS 0.03%
  • Veröffentlicht 11.06.2025 13:15:50
  • Zuletzt bearbeitet 12.06.2025 16:06:20

A password is exposed locally.

9.8

CVE-2025-25067

  • EPSS 0.79%
  • Veröffentlicht 13.02.2025 22:15:12
  • Zuletzt bearbeitet 23.04.2025 18:45:35

mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands.

9.8

CVE-2025-24865

  • EPSS 64.09%
  • Veröffentlicht 13.02.2025 22:15:12
  • Zuletzt bearbeitet 04.03.2025 20:59:05

The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password.

6.5

CVE-2025-23411

  • EPSS 0.05%
  • Veröffentlicht 13.02.2025 22:15:11
  • Zuletzt bearbeitet 04.03.2025 20:59:05

mySCADA myPRO Manager is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to obtain sensitive information. An attacker would need to trick the victim in to visiting an attacker-controlled website.

7.5

CVE-2025-22896

  • EPSS 45.91%
  • Veröffentlicht 13.02.2025 22:15:11
  • Zuletzt bearbeitet 04.03.2025 20:59:05

mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information.

9.8

CVE-2024-4708

  • EPSS 0.26%
  • Veröffentlicht 02.07.2024 23:15:10
  • Zuletzt bearbeitet 21.11.2024 09:43:25

mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code on the affected device.

8.8

CVE-2023-29169

  • EPSS 0.11%
  • Veröffentlicht 27.04.2023 23:15:15
  • Zuletzt bearbeitet 17.01.2025 18:15:22

mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.

8.8

CVE-2023-29150

  • EPSS 0.11%
  • Veröffentlicht 27.04.2023 23:15:15
  • Zuletzt bearbeitet 17.01.2025 18:15:22

mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.

8.8

CVE-2023-28716

  • EPSS 0.11%
  • Veröffentlicht 27.04.2023 23:15:14
  • Zuletzt bearbeitet 17.01.2025 17:15:08

mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.

8.8

CVE-2023-28400

  • EPSS 4.39%
  • Veröffentlicht 27.04.2023 23:15:14
  • Zuletzt bearbeitet 17.01.2025 17:15:08

mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.