Measuresoft Security Vulnerabilities
The entire parent directory - C:\ScadaPro and its sub-directories and files are configured by default to allow user, including unprivileged users, to write or overwrite...
5.5CVSS
6.8AI Score
0.0004EPSS
Measuresoft ScadaPro Server (All Versions) allows use after free while processing a specific project...
7.8CVSS
7.7AI Score
0.003EPSS
The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions, which could allow a local user with limited privileges to modify the service binary path and start malicious commands with SYSTEM...
7.8CVSS
7.6AI Score
0.0005EPSS
Measuresoft ScadaPro Server (Versions prior to 6.8.0.1) uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project...
7.8CVSS
7.6AI Score
0.001EPSS
Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. The controls may allow seven untrusted pointer deference instances while processing a specific project...
7.8CVSS
7.4AI Score
0.001EPSS
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow privilege...
7.8CVSS
7.5AI Score
0.001EPSS
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow a denial-of-service...
5.5CVSS
5.6AI Score
0.001EPSS
Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project...
7.8CVSS
7.8AI Score
0.002EPSS