Hev0X

**Name of the Vulnerable Software and Affected Versions** Scada-LTS versions 2.7.5.2 build 4551883606 and before **Description** The issue is related to insufficient access control in the Event Handlers function of the Scada-LTS mult-platform web solution for creating Scada systems. This allows remote attackers with low-level authentication to escalate privileges, execute arbitrary code, and obtain sensitive information via the Event Handlers function. **Recommendations** For Scada-LTS versions 2.7.5.2 build 4551883606 and before, consider disabling the Event Handlers function as a temporary workaround until a patch is available. Restrict access to the Event Handlers function to minimize the risk of exploitation.