Primary

Context

mySCADA myPRO Manager Cleartext Credential Storage Vulnerability

Vulnerability

A vulnerability exists in mySCADA myPRO Manager versions prior to 1.4, where credentials are stored in cleartext. This flaw could enable an attacker to access sensitive information. Additionally, the application is susceptible to other vulnerabilities, including OS command injection, missing authentication for critical functions, and cross-site request forgery (CSRF).

Impact

Exploitation of this vulnerability could allow unauthorized access to sensitive information by retrieving stored credentials.

Remediation

Users are advised to update to mySCADA myPRO Manager version 1.4. CISA recommends minimizing network exposure for control system devices, using firewalls to isolate control system networks from business networks, and employing secure remote access methods such as VPNs.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.8

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.8

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

mySCADA myPRO Manager Cleartext Credential Storage Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating