← volver
CVE-2025-24865

mySCADA myPRO Manager Missing Authentication for Critical Function

CVSS 10 CRITICALEPSS 6.8%CWE-306
The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Productos afectados
mySCADA · myPRO Manager

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-16https://www.myscada.org/contacts/https://www.myscada.org/downloads/mySCADAPROManager/