What the vulnerability does

01Description

Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate privileges on the system.

Key dates

02Disclosure timeline

April 26, 2021 CVE published
August 3, 2024 Record updated