CVE-2023-4985

Name of the Vulnerable Software and Affected Versions Supcon InPlant SCADA up to 20230901

Description A critical issue has been discovered related to improper authentication in the handling of project file loading. This could potentially allow an attacker to elevate their privileges. The issue is associated with an unknown function of the file Project.xml and requires local access to exploit.

Recommendations For Supcon InPlant SCADA up to 20230901, consider restricting access to the Project.xml file and implementing additional authentication measures to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.