← voltar
CVE-2025-24865

mySCADA myPRO Manager Missing Authentication for Critical Function

CVSS 10 CRITICALEPSS 6.8%CWE-306
The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Produtos afetados
mySCADA · myPRO Manager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-16https://www.myscada.org/contacts/https://www.myscada.org/downloads/mySCADAPROManager/