Stored XSS Vulnerability in OpenPLC ScadaBR on Linux and Windows
CVE-2021-26829
Key Information:
- Vendor: Openplcproject
- CVE Published: 11 June 2021
What is CVE-2021-26829?
CVE-2021-26829 is a stored cross-site scripting (XSS) vulnerability found in OpenPLC ScadaBR, a software platform designed for industrial automation and control system management. This vulnerability specifically affects versions of the software running on Linux (up to 0.9.1) and Windows (up to 1.12.4). The flaw occurs in the system_settings.shtm file, which can be exploited by an attacker to inject malicious scripts into the application. When a user interacts with affected components, the injected script can execute in their browser, leading to the potential theft of sensitive information, unauthorized actions performed on behalf of the user, or even redirection to malicious websites. The presence of this vulnerability can severely undermine the integrity and security of operational technologies within an organization, particularly in environments where OpenPLC ScadaBR is utilized for critical automation tasks.
Potential impact of CVE-2021-26829
- Data Theft: Exploiting this vulnerability can lead to unauthorized access to sensitive information stored within the application, potentially including user credentials, operational data, and intellectual property.
- Unauthorized Actions: Attackers can perform actions on behalf of legitimate users, such as modifying settings or executing commands within the control system, leading to potential disruptions in industrial processes or system integrity.
- Reputation Damage: Organizations impacted by this vulnerability could face reputational harm, particularly if exploitation leads to service outages, data breaches, or compliance violations, ultimately eroding customer trust and business credibility.
CISA has reported CVE-2021-26829
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2021-26829 as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change at pace.
CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
EPSS Score
52% chance of being exploited in the next 30 days.
Timeline
- Vulnerability started trending
- Exploit known to exist
- CISA Reported
- Vulnerability published
- Vulnerability Reserved
