Microscada X Sys600 Security Vulnerabilities - CVSS Score 9 - 10

CVE-2024-3980

The product allows user input to control or influence paths or filenames that are used in filesystem operations, allowing the attacker to access or modify system files or other files that arecritical to the application.

CVE-2024-4872

The product does not validate any query towards persistentdata, resulting in a risk of injection attacks.

CVE-2024-7940

The product exposes a service that is intended for local only toall network interfaces without any authentication.