Lucene search
IcscertCVELIST:CVE-2022-0999HistoryApr 11, 2022 - 7:38 p.m.
CVE-2022-0999 mySCADA myPRO Command Injection
2022-04-1119:38:30
CWE-77
icscert
www.cve.org
1
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
51.2%
An authenticated user may be able to misuse parameters to inject arbitrary operating system commands into mySCADA myPRO versions 8.25.0 and prior.
CNA Affected
[
{
"product": "myPRO",
"vendor": "mySCADA",
"versions": [
{
"lessThanOrEqual": "8.25.0",
"status": "affected",
"version": "5.59",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-0999
2022-04-11 20:15:16
cve
cve
CVE-2022-0999
2022-04-11 20:15:16
ics
ics
mySCADA myPRO
2022-03-24 12:00:00
prion
prion
Authentication flaw
2022-04-11 20:15:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
51.2%
Related for CVELIST:CVE-2022-0999