Lucene search
IcscertCVE-2023-28716HistoryApr 27, 2023 - 11:15 p.m.
CVE-2023-28716
2023-04-2723:15:14
CWE-78
icscert
web.nvd.nist.gov
26
cve-2023-28716
myscada
mypro
operating system command injection
nvd
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.5
Confidence
High
EPSS
0.001
Percentile
31.6%
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
Affected configurations
Node
myscadamyproRange≤8.26.0
CNA Affected
[
{
"vendor": "mySCADA Technologies",
"product": "mySCADA myPRO",
"versions": [
{
"status": "affected",
"version": "0",
"lessThanOrEqual": "8.26.0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-28716
2023-04-27 23:15:14
prion
prion
Design/Logic Flaw
2023-04-27 23:15:00
cvelist
cvelist
CVE-2023-28716 CVE-2023-28716
2023-04-27 22:11:48
ics
ics
mySCADA myPRO
2023-04-06 12:00:00
thn
thn
CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products
2023-04-07 05:59:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.5
Confidence
High
EPSS
0.001
Percentile
31.6%
Related for CVE-2023-28716