CVE-2024-47138

Name of the Vulnerable Software and Affected Versions mySCADA myPRO versions (affected versions not specified) mySCADA myPRO Manager versions (affected versions not specified)

Description The issue is related to a lack of authentication for a critical function used in the operating system command. This can allow a remote attacker to bypass the authentication process. The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed.

Recommendations For mySCADA myPRO, consider restricting access to the administrative interface to minimize the risk of exploitation. For mySCADA myPRO Manager, restrict access to the administrative interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.