CRITICAL🇵🇱 Wersja polska

CVE-2021-43987

CVSS 9.8v3.1pub. 2021-12-23upd. 2024-11-21

An additional, nondocumented administrative account exists in mySCADA myPRO Versions 8.20.0 and prior that is not exposed through the web interface, which cannot be deleted or changed through the regular web interface.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Myscada Mypro

    APP
    Myscada
    ≤ 8.20.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-25067CRITICAL9.3PL ✓ten sam produkt

Command Injection w mySCADA myPRO Manager — zdalne wykonanie poleceń OS

CVE-2025-24865CRITICAL10.0PL ✓ten sam produkt

Brak uwierzytelnienia w panelu administracyjnym mySCADA myPRO Manager

CVE-2025-22896CRITICAL9.2PL ✓ten sam produkt

mySCADA myPRO Manager — przechowywanie poświadczeń w postaci jawnej (cleartext)

CVE-2024-4708CRITICAL9.3PL ✓ten sam produkt

mySCADA myPRO — hardcoded password umożliwiający zdalne wykonanie kodu

CVE-2022-2234CRITICAL9.9ten sam produkt

An authenticated mySCADA myPRO 8.26.0 user may be able to modify parameters to run commands directly in the op...