Rapid Scada Security Vulnerabilities and Issues — Rapid Scada CVE List

Lucene search

RapidscadaRapid Scada

11 matches found

CVE•added 2024/02/02 12:15 a.m.•56 views

CVE-2024-22016

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege escalation.

7.8CVSS7.6AI score0.00047EPSS

CVE•added 2024/02/02 12:15 a.m.•54 views

CVE-2024-21764

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific port.

9.8CVSS9.2AI score0.00082EPSS

CVE•added 2024/02/02 12:15 a.m.•48 views

CVE-2024-21794

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login page.

5.4CVSS5.4AI score0.00029EPSS

CVE•added 2022/12/07 2:15 a.m.•47 views

CVE-2022-44153

Rapid Software LLC Rapid SCADA 5.8.4 is vulnerable to Cross Site Scripting (XSS).

6.1CVSS6.1AI score0.0009EPSS

CVE•added 2024/02/01 11:15 p.m.•45 views

CVE-2024-21852

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code execution.

8.8CVSS8.7AI score0.01151EPSS

CVE•added 2024/09/22 1:15 a.m.•43 views

CVE-2024-47221

CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password.

7.5CVSS7AI score0.00138EPSS

CVE•added 2024/02/02 12:15 a.m.•41 views

CVE-2024-22096

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the system.

6.5CVSS6.4AI score0.00126EPSS

CVE•added 2018/03/08 8:29 p.m.•38 views

CVE-2018-5313

A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacker ...

7.8CVSS7.9AI score0.0004EPSS

CVE•added 2024/02/02 12:15 a.m.•38 views

CVE-2024-21869

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. This may allow an attacker with local access to see them.

6.2CVSS5.3AI score0.00028EPSS

CVE•added 2020/08/14 4:15 p.m.•32 views

CVE-2020-22722

Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in the ScadaAgentSvc.exe executable file. An attacker can obtain admin privileges by placing a malicious .exe file in the application and renaming it ScadaAgentSvc.exe, which would result in executing the...

7.8CVSS7.6AI score0.00044EPSS

CVE•added 2024/02/02 12:15 a.m.•30 views

CVE-2024-21866

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed request.

5.3CVSS5.3AI score0.00074EPSS