PT-2025-48405 · Undefined · Undefined
Published
2025-11-30
·
Updated
2025-11-30
·
CVE-2022-35420
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
opening the vault on a 3-year-old vulnerability: CVE-2022-35420
back in 2022, I got bored and decided to hunt for a zero-day instead of writing the red-team report. I found an unauthenticated admin takeover in a SCADA system used to control real-world physical machinery.
I waited until now to publish the details because the exploit is easy and can lead to real-world physical harm. blog post link in 1st reply
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Undefined