CVE-2025-23411

Medium CVSS: 5.1

mySCADA myPRO Manager
is vulnerable to cross-site request forgery (CSRF), which could allow
an attacker to obtain sensitive information. An attacker would need to
trick the victim in to visiting an attacker-controlled website.

Vendor

Myscada

Product

Mypro

CWE

CWE-352

Yayın Tarihi

2025-02-13 22:15:11

Güncelleme

2025-03-04 21:18:50

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

Kategoriler

CWE-352 Mypro MEDIUM Myscada 2025

Referanslar

https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-16 https://www.myscada.org/contacts/ https://www.myscada.org/downloads/mySCADAPROManager/

Benzer Kayıtlar

Critical

CVE-2025-24865

The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an…

Critical

CVE-2025-25067

mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrar…

Critical

CVE-2025-22896

mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information.