Lucene search
HistoryApr 27, 2023 - 11:15 p.m.
CVE-2023-28400
myscada
mypro
vulnerability
exploit
operating system commands
authenticated user
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.7
Confidence
High
EPSS
0.001
Percentile
31.6%
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
Affected configurations
Node
myscadamyproRange≤8.26.0
Related
cve
cve
CVE-2023-28400
2023-04-27 23:15:14
prion
prion
Design/Logic Flaw
2023-04-27 23:15:00
cvelist
cvelist
CVE-2023-28400 CVE-2023-28400
2023-04-27 22:18:43
ics
ics
mySCADA myPRO
2023-04-06 12:00:00
thn
thn
CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products
2023-04-07 05:59:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.7
Confidence
High
EPSS
0.001
Percentile
31.6%
Related for NVD:CVE-2023-28400