Authentication flaw

2024-01-1302:15:00

PRIOn knowledge base

www.prio-n.com

scada-lts

remote attackers

privilege escalation

arbitrary code

sensitive information

event handlers

7.9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.7%

JSON

An issue was discovered in Scada-LTS v2.7.5.2 build 4551883606 and before, allows remote attackers with low-level authentication to escalate privileges, execute arbitrary code, and obtain sensitive information via Event Handlers function.

CPENameOperatorVersion
scada-ltsle2.7.5.2

CPE	Name	Operator	Version
	scada-lts	le	2.7.5.2

References

hev0x.github.io/posts/scadalts-cve-2023-33472/