CVE-2021-44453

Опубликовано: 23 дек. 2021

Источник: nvd

CVSS3: 10

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

mySCADA myPRO: Versions 8.20.0 and prior has a vulnerable debug interface which includes a ping utility, which may allow an attacker to inject arbitrary operating system commands.

Ссылки

https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-01
Third Party Advisory
US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:myscada:mypro:*:*:*:*:*:*:*:*

Версия до 8.20.0 (включая)

EPSS

Процентиль: 53%

0.00304

Низкий

10 Critical

CVSS3

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-g4cq-g5qh-x7hq

github

около 4 лет назад

mySCADA myPRO: Versions 8.20.0 and prior has a vulnerable debug interface which includes a ping utility, which may allow an attacker to inject arbitrary operating system commands.

EPSS

Процентиль: 53%

0.00304

Низкий

10 Critical

CVSS3

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-78