Primary

Context

mySCADA myPRO OS Command Injection Vulnerability

Vulnerability

Patched

A command injection vulnerability has been identified in mySCADA myPRO Manager versions prior to 1.3 and myPRO Runtime versions prior to 9.2.1. The issue arises because the application does not properly sanitize POST requests containing email information, allowing attackers to execute arbitrary commands on the affected system.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of commands on the affected system.

Remediation

Users are advised to update to the latest versions of mySCADA PRO Manager (1.3) and mySCADA PRO Runtime (9.2.1).

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

7.5

exploitability

7.0

remediation

7.9

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

7.5

exploitability

7.0

remediation

7.9

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

mySCADA myPRO OS Command Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

mySCADA myPRO Manager

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating