cbcvebase.
CVE-2021-43989
published 2021-12-23

CVE-2021-43989: mySCADA myPRO Versions 8.20.0 and prior stores passwords using MD5, which may allow an attacker to crack the previously retrieved password hashes.

PriorityP343high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.65%
46.5th percentile
mySCADA myPRO Versions 8.20.0 and prior stores passwords using MD5, which may allow an attacker to crack the previously retrieved password hashes.

Affected

2 ranges
VendorProductVersion rangeFixed in
myscadamypro<= 8.20.0
myscadamyproAll – 8.20.0

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.