Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-1934
HistoryMay 12, 2023 - 2:15 p.m.

Code injection

2023-05-1214:15:00
PRIOn knowledge base
www.prio-n.com
3
pnpscada
sdg technologies cc
postgresql injection
unauthorized access
ics data
ot data
sms logs

0.003 Low

EPSS

Percentile

71.6%

JSON

The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and passively. Consequently, malicious actors could gain access to vital information, such as Industrial Control System (ICS) and OT data, alongside other sensitive records like SMS and SMS Logs. The unauthorized database access exposes compromised systems to potential manipulation or breach of essential infrastructure data, highlighting the severity of this vulnerability.

CPENameOperatorVersion
pnpscadaeq2.200816204020

Related

zdt 1
cve 1
cvelist 1
packetstorm 1
ics 1
nvd 1
exploitdb 1
zdt
zdt
PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Vulnerability
2023-05-23 00:00:00
cve
cve
CVE-2023-1934
2023-05-12 14:15:09
cvelist
cvelist
CVE-2023-1934
2023-05-12 13:18:25
packetstorm
packetstorm
PnPSCADA 2.x SQL Injection
2023-05-24 00:00:00
ics
ics
SDG PnPSCADA
2023-05-11 12:00:00
nvd
nvd
CVE-2023-1934
2023-05-12 14:15:09
exploitdb
exploitdb
PnPSCADA v2.x - Unauthenticated PostgreSQL Injection
2023-05-23 00:00:00

0.003 Low

EPSS

Percentile

71.6%

JSON
Related for PRION:CVE-2023-1934
zdt1cve1cvelist1packetstorm1ics1nvd1exploitdb1