mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive directory listing information.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NMyscada Mypro
APPMyscada< 8.20.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
Related vulnerabilities
CVE-2025-25067CRITICAL9.3PL ✓ten sam produkt
Command Injection w mySCADA myPRO Manager — zdalne wykonanie poleceń OS
CVE-2025-24865CRITICAL10.0PL ✓ten sam produkt
Brak uwierzytelnienia w panelu administracyjnym mySCADA myPRO Manager
CVE-2025-22896CRITICAL9.2PL ✓ten sam produkt
mySCADA myPRO Manager — przechowywanie poświadczeń w postaci jawnej (cleartext)
CVE-2024-4708CRITICAL9.3PL ✓ten sam produkt
mySCADA myPRO — hardcoded password umożliwiający zdalne wykonanie kodu
CVE-2022-2234CRITICAL9.9ten sam produkt
An authenticated mySCADA myPRO 8.26.0 user may be able to modify parameters to run commands directly in the op...