PT-2025-7049 · Myscada · Myscada Mypro Manager

Michael Heinzl

Published

2025-01-31

Updated

2025-03-04

CVE-2025-25067

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions mySCADA myPRO Manager (affected versions not specified)

Description The issue exists due to the lack of measures to neutralize special elements, which could allow a remote attacker to execute arbitrary OS commands. This is an OS command injection vulnerability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

BDU:2025-01754

CVE-2025-25067

Affected Products

Myscada Mypro Manager

PT-2025-7049 · Myscada · Myscada Mypro Manager

CVE-2025-25067

Weakness Enumeration

Related Identifiers

Affected Products

References · 22