ScadaBR Missing Authentication Vulnerability Allowing Injection of Arbitrary Sensor Readings

Vulnerability

A vulnerability in ScadaBR version 1.2.0 allows unauthenticated attackers to send HTTP GET requests to the SCADA system and inject arbitrary sensor readings. This issue arises from a missing authentication for critical functions, enabling unauthorized manipulation of sensor data.

Impact

Exploitation of this vulnerability could lead to unauthorized injection of sensor readings, allowing for manipulation of data within the SCADA system.

Added: May 19, 2026, 6:36 PM

Updated: May 19, 2026, 6:36 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

8.8

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

8.8

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ScadaBR Missing Authentication Vulnerability Allowing Injection of Arbitrary Sensor Readings

Vulnerability

Impact

Affected Products

ScadaBR

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating