The vulnerability of the microprogrammed software of the programmable logic controller ScadaFlex II SCADA Controller SC-1/SC-2 lies in the absence of authentication procedures, allowing unauthorized access to the device without being authenticated.

The vulnerability of the controller is related to the absence of authentication procedures. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the device...