What the vulnerability does
01Description
mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive system information.
CVSS base score
8.2/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Key dates
02Disclosure timeline
May 13, 2022
CVE published
April 16, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-28051
CVE-2021-22853 Soar Cloud System Co., Ltd. HR Portal - Broken Access Control
CVE-2025-43563 ColdFusion | Improper Access Control (CWE-284)
CVE-2026-48898 Joomla! Core - [20260513] - Privilege escalation through com_users batch task
CVE-2023-35179 2FA/MFA Bypass Vulnerability in Serv-U 15.4
