CVE-2025-24865
published 2025-02-13

Priority: P2 (72)
Severity: critical, CVSS 3.1 base score 9.8
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
Tags: EXPLOIT
EPSS: 6.82% (93.2nd percentile)
The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password.

Affected (2 ranges)

Vendor     Product         Version range   Fixed in
myscada    mypro           < 1.4           1.4
myscada    mypro_manager   < 1.4           1.4

Detection & IOCs (extracted from sources)

  • The administrative web interface of mySCADA myPRO Manager (versions prior to 1.4) is accessible without authentication — monitor for unauthenticated HTTP requests to the administrative web interface, particularly to the notification configuration page which returns cleartext credentials
  • The notification/configuration endpoint returns cleartext credentials without verifying authentication — detect unauthenticated GET/POST requests to the notification configuration page of myPRO Manager
  • A Metasploit auxiliary module exists for credential harvesting against mySCADA myPRO Manager — watch for exploitation tool signatures matching 'mypro_mgr_creds' module activity
  • Affected product is myPRO Manager versions prior to 1.4 — flag any internet-exposed instances of this product version in asset inventory
  • No known public exploitation specifically targeting these vulnerabilities had been reported to CISA at the time of advisory publication (February 13, 2025)
  • The vulnerability is exploitable remotely with low attack complexity and no authentication required — network-level controls (firewall, VPN isolation) are the primary compensating control until patching to v1.4

CVSS provenance

Source   Version   Score   Severity   Vector
NVD      v3.1      9.8     CRITICAL   CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD      v4.0      10.0    CRITICAL   CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X