Vulnerabilities (CVE)

Filtered by vendor Scada-lts Subscribe
Filtered by product Scada-lts
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-33472 1 Scada-lts 1 Scada-lts 2024-10-24 N/A 8.8 HIGH
An issue was discovered in Scada-LTS v2.7.5.2 build 4551883606 and before, allows remote attackers with low-level authentication to escalate privileges, execute arbitrary code, and obtain sensitive information via Event Handlers function.
CVE-2024-7901 1 Scada-lts 1 Scada-lts 2024-08-20 4.0 MEDIUM 5.4 MEDIUM
A vulnerability has been found in Scada-LTS 2.7.8 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /Scada-LTS/app.shtm#/alarms/Scada of the component Message Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: A fix is planned for the upcoming release at the end of September 2024.
CVE-2022-41976 1 Scada-lts 1 Scada-lts 2024-02-28 N/A 8.8 HIGH
An privilege escalation issue was discovered in Scada-LTS 2.7.1.1 build 2948559113 allows remote attackers, authenticated in the application as a low-privileged user to change role (e.g., to administrator) by updating their user profile.