CVE-2021-22657

Summary

mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter.

Affected Software

VendorProductVersion RangeStatus
mySCADAmyPROAll <= 8.20.0affected

Weaknesses

  • CWE-78: CWE-78 OS Command Injection

ADP Enrichment

CVE Program Container

Additional References

References