CVE-2025-22896

Critical CVSS: 9.2

mySCADA myPRO Manager

stores credentials in cleartext, which could allow an attacker to obtain sensitive information.

Vendor

Product

CWE

Yayın Tarihi

2025-02-13 22:15:11

Güncelleme

2025-03-04 21:25:33

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

CWE-312 Mypro CRITICAL Myscada 2025

https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-16 https://www.myscada.org/contacts/ https://www.myscada.org/downloads/mySCADAPROManager/

Critical

CVE-2025-24865

The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an…

Critical

CVE-2025-25067

mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrar…

Medium

CVE-2025-23411

mySCADA myPRO Manager is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to obtain sens…