CVE-2025-9139

Name of the Vulnerable Software and Affected Versions: Scada-LTS version 2.7.8.1

Description: A vulnerability exists in Scada-LTS 2.7.8.1 within an unknown functionality of the file /Scada-LTS/dwr/call/plaincall/WatchListDwr.init.dwr. Manipulation of this functionality can lead to information disclosure. The attack can be performed remotely. The exploit has been publicly disclosed and may be utilized. The vendor states that the risks associated with this vulnerability appear minimal, as exploitation likely requires administrator permissions, and fixing the vulnerability will not reduce the overall risk from malicious administrator actions.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.