CVE-2024-4708

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: mySCADA myPRO (affected versions not specified)

Description: The issue is related to the use of hard-coded credentials in mySCADA myPRO, which could allow a remote attacker to execute code on the affected device. The hardcoded password is brumla. This could enable an attacker to gain access to the system. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-259CWE-798

Related Identifiers

BDU:2024-05050

CVE-2024-4708

ZDI-24-1226

Affected Products

Myscada Mypro

CVE-2024-4708

Weakness Enumeration

Related Identifiers

Affected Products

References · 11