CVE-2022-2896

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Measuresoft ScadaPro Server (All Versions)

Description The issue is related to a use-after-free condition when processing a specific project file, which can allow an attacker to execute arbitrary code remotely. This is associated with the improper use of memory after it has been freed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-121

Related Identifiers

BDU:2022-05519

CVE-2022-2896

ZDI-22-1143

Affected Products

Measuresoft Scadapro Server

CVE-2022-2896

Weakness Enumeration

Related Identifiers

Affected Products

References · 5