CVE-2023-29169
CVE-2023-29169

8.8HIGH

Key Information:

Vendor: Myscada Technologies
Status: Myscada Mypro
Vendor: CVE Published:; 27 April 2023

Summary

In mySCADA myPRO versions 8.26.0 and earlier, an authenticated user can exploit a vulnerability that allows the injection of arbitrary operating system commands. This issue poses risks to system integrity and could lead to unauthorized command execution, potentially compromising the functionality and security of affected systems.

Affected Version(s)

mySCADA myPRO 0 <= 8.26.0

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-0...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 27, 2023
Vulnerability Reserved
Apr 3, 2023