Search Results | AttackerKB

Show filters

Topics 36 Users 9,708

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

36 Total Results

Displaying 11-20 of 36

Attacker Value

Unknown

CVE-2024-45369

Disclosure Date: November 22, 2024 (last updated January 05, 2025)

The web application uses a weak authentication mechanism to verify that a request is coming from an authenticated and authorized resource.

0

Attacker Value

Unknown

CVE-2024-4708

Disclosure Date: July 02, 2024 (last updated August 30, 2024)

mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code on the affected device.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-29169

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2023-29150

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2023-28716

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2023-28400

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2023-28384

Disclosure Date: April 27, 2023 (last updated October 08, 2023)

mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2022-2234

Disclosure Date: August 23, 2022 (last updated October 08, 2023)

An authenticated mySCADA myPRO 8.26.0 user may be able to modify parameters to run commands directly in the operating system.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2022-0999

Disclosure Date: April 11, 2022 (last updated October 07, 2023)

An authenticated user may be able to misuse parameters to inject arbitrary operating system commands into mySCADA myPRO versions 8.25.0 and prior.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2021-23198

Disclosure Date: December 21, 2021 (last updated October 07, 2023)

mySCADA myPRO: Versions 8.20.0 and prior has a feature where the password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.

Attack Vector: Network Privileges: None User Interaction: None

0