CVE-2024-47138
Published 2024-11-22. CVE-2024-47138: The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed.
Priority P2 (60) · Critical 9.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.75% (50.3rd percentile)
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| myscada | mypro_manager | < 1.3 | 1.3 |
| myscada | mypro_runtime | < 9.2.1 | 9.2.1 |
Detection & IOCs (extracted from sources)
- The mySCADA myPRO Manager administrative interface listens by default on all interfaces on a TCP port without requiring authentication; monitor for unauthenticated inbound TCP connections to the administrative port on myPRO Manager hosts.
- Alert on any remote access to the mySCADA myPRO Manager administrative interface from untrusted or internet-facing networks, as the service is exposed on all interfaces by default with no authentication barrier.
- CVE-2024-47138 affects mySCADA myPRO Manager versions prior to 1.3 and myPRO Runtime versions prior to 9.2.1. The administrative interface binds to all network interfaces by default, making it reachable from any network segment without authentication.
- No specific TCP port number for the vulnerable administrative interface is disclosed in the available sources; defenders should enumerate listening ports on myPRO Manager hosts to identify the exact port.
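The two defensive steps the IOC list describes (enumerate the wildcard-bound port on the host, then alert on inbound connections to it from outside the management network), worked through as an added example. This is not code from mySCADA, CISA or the advisory sources. Because no port is disclosed, the `ss -tlnp` output, the connection-log lines, the process name "myproManager", port 11010 and the 10.20.30.0/24 management subnet are all constructed assumptions; on a real host, run `live_listeners()` and feed your own firewall or flow logs into `flag_inbound()`.

```python
"""Triage helper for CVE-2024-47138-style exposure: an admin service bound to all
interfaces with no authentication. Added example, not mySCADA or CISA code.
Step 1: parse `ss -tlnp` output and flag wildcard-bound listeners owned by a
        process whose name matches the product (the sources disclose no port).
Step 2: run connection-log lines against those ports and alert on inbound
        connections from outside an allowlisted management network.
Sample ss output, log lines, the process name "myproManager", port 11010 and
the 10.20.30.0/24 management subnet are all constructed assumptions."""
import ipaddress
import re
import subprocess
from dataclasses import dataclass

# Constructed sample in the shape of `ss -tlnp` on Linux (header omitted).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22      0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 128 127.0.0.1:5432  0.0.0.0:* users:(("postgres",pid=1201,fd=5))
LISTEN 0 50  0.0.0.0:11010   0.0.0.0:* users:(("myproManager",pid=2244,fd=9))
LISTEN 0 50  [::]:11010      [::]:*    users:(("myproManager",pid=2244,fd=10))
"""

# Constructed firewall-style connection log (assumed field layout).
CONN_LOG = """\
2024-11-25T10:02:11Z ACCEPT proto=tcp src=10.20.30.5 dst=192.0.2.10 dport=11010
2024-11-25T10:02:40Z ACCEPT proto=tcp src=10.20.30.5 dst=192.0.2.10 dport=22
2024-11-25T10:03:02Z ACCEPT proto=tcp src=198.51.100.77 dst=192.0.2.10 dport=11010
2024-11-25T10:03:09Z ACCEPT proto=tcp src=172.16.4.9 dst=192.0.2.10 dport=11010
"""

WILDCARD_ADDRS = {"0.0.0.0", "::", "*"}
SS_LINE = re.compile(
    r'^LISTEN\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s+users:\(\("([^"]+)"')
LOG_LINE = re.compile(
    r"^(\S+)\s+ACCEPT\s+proto=tcp\s+src=(\S+)\s+dst=(\S+)\s+dport=(\d+)")


@dataclass(frozen=True)
class Listener:
    addr: str      # bind address with any IPv6 brackets removed
    port: int
    process: str

    @property
    def bound_to_all(self) -> bool:
        return self.addr in WILDCARD_ADDRS


def parse_ss(output: str) -> list[Listener]:
    """Parse LISTEN rows of `ss -tlnp`; non-matching rows (header etc.) are skipped."""
    listeners = []
    for line in output.splitlines():
        m = SS_LINE.match(line)
        if m:
            addr, port, proc = m.groups()
            listeners.append(Listener(addr.strip("[]"), int(port), proc))
    return listeners


def exposed_admin_ports(output: str, process_hint: str = "mypro") -> list[int]:
    """Ports the product's process has bound on every interface (IPv4 or IPv6)."""
    return sorted({l.port for l in parse_ss(output)
                   if l.bound_to_all and process_hint in l.process.lower()})


def live_listeners() -> list[Listener]:
    """Same parse against the local Linux host (needs iproute2; not used offline)."""
    out = subprocess.run(["ss", "-tlnp"], capture_output=True, text=True, check=True).stdout
    return parse_ss(out)


def flag_inbound(log_text: str, admin_ports, allowed_nets) -> list[dict]:
    """Alert on accepted TCP connections to an admin port from outside allowed_nets."""
    nets = [ipaddress.ip_network(n) for n in allowed_nets]
    ports = set(admin_ports)
    alerts = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        ts, src, dst, dport = m.groups()
        if int(dport) not in ports:
            continue
        if any(ipaddress.ip_address(src) in net for net in nets):
            continue  # source is on the management network, expected traffic
        alerts.append({"ts": ts, "src": src, "dst": dst, "dport": int(dport)})
    return alerts


if __name__ == "__main__":
    ports = exposed_admin_ports(SAMPLE_SS)
    print("wildcard-bound myPRO ports:", ports)
    for a in flag_inbound(CONN_LOG, ports, ["10.20.30.0/24"]):
        print("ALERT untrusted source", a)
```

The detection is a stopgap: the unauthenticated listener is still reachable from any host that can route to it, so the durable fix is the vendor upgrade listed in the Affected table (myPRO Manager 1.3, myPRO Runtime 9.2.1) together with restricting the port at the host or network firewall to the management subnet.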
CVSS provenance
NVD v3.1: 9.8 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD v4.0: 9.3 CRITICAL · CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
GHSA
GHSA-gv5m-rffc-c6x7 (unreviewed, 2024-11-23) · CVE-2024-47138 · CRITICAL · CWE-306 (Missing Authentication for Critical Function)
The administrative interface listens by default on all interfaces on a TCP port and does not require authentication when being accessed.
CISA ICS
ICS Advisory ICSA-24-326-07: mySCADA myPRO Manager (cisa_ics, 2024-11-21)
Release date: November 21, 2024 · Advisory CVSS v4: 10.0 (CRITICAL). This is the score for the advisory as a whole, which covers four vulnerabilities; NVD scores CVE-2024-47138 on its own at 9.3 under CVSS v4.
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 10.0
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: mySCADA
- Equipment: myPRO
- Vulnerabilities: OS Command Injection, Improper Authentication, Missing Authentication for Critical Function, Path Traversal.
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary commands or disclose sensitive information.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following mySCADA products are affected:
- myPRO Manager: Versions prior to 1.3
- myPRO Runti
No detection rules found. No public exploits indexed.
Published 2024-11-22