Vulnerabilities (CVE)

Filtered by vendor Myscada Subscribe
Filtered by product Mydesigner
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-43555 1 Myscada 1 Mydesigner 2024-11-21 6.8 MEDIUM 7.3 HIGH
mySCADA myDESIGNER Versions 8.20.0 and prior fails to properly validate contents of an imported project file, which may make the product vulnerable to a path traversal payload. This vulnerability may allow an attacker to plant files on the file system in arbitrary locations or overwrite existing files, resulting in remote code execution.
CVE-2021-41578 1 Myscada 1 Mydesigner 2024-11-21 6.8 MEDIUM 7.8 HIGH
mySCADA myDESIGNER 8.20.0 and below allows Directory Traversal attacks when importing project files. If an attacker can trick a victim into importing a malicious mep file, then they gain the ability to write arbitrary files to OS locations where the user has permission. This would typically lead to code execution.