cbcvebase.
CVE-2023-28400
published 2023-04-27

CVE-2023-28400: mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.

PriorityP266high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
24.57%
97.6th percentile
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.

Affected

2 ranges
VendorProductVersion rangeFixed in
myscadamypro<= 8.26.0
myscada_technologiesmyscada_mypro<= 8.26.0

Detection & IOCsextracted from sources · hover to see the quote

  • CVE-2023-28400 is an OS Command Injection (CWE-78) vulnerability in mySCADA myPRO versions 8.26.0 and prior, exploitable by an authenticated remote user via injectable parameters. Public exploits are available.
  • Known public exploits specifically target this vulnerability; monitor for anomalous OS command execution originating from the myPRO HMI/SCADA process, especially on internet-exposed or network-accessible instances.
  • CVSS v3 score of 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H) — network-accessible myPRO instances with low-privilege authenticated sessions should be treated as high-risk targets for command injection attempts.
  • ·The advisory does not specify which exact parameters are injectable, limiting the ability to write precise parameter-level detection signatures without further reverse engineering or PoC analysis.
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.