ID
VAR-202411-1369
CVE
CVE-2024-47407
TITLE
mySCADA myPRO Manager OS Command Injection Vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2024-46409
DESCRIPTION
A parameter within a command does not properly validate input within myPRO Manager which could be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands. mySCADA myPRO is a professional HMI/SCADA system designed primarily for visualization and control of industrial processes
Trust: 1.44
sources:
NVD: CVE-2024-47407 //
CNVD: CNVD-2024-46409
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2024-46409
AFFECTED PRODUCTS
| vendor: | myscada | model: | mypro manager | scope: | lt | version: | 1.3 | Trust: 0.6 |
sources:
CNVD: CNVD-2024-46409
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2024-46409 //
NVD: CVE-2024-47407
PROBLEMTYPE DATA
| problemtype: | CWE-78 | Trust: 1.0 |
sources:
NVD: CVE-2024-47407
PATCH
| title: | Patch for mySCADA myPRO Manager OS Command Injection Vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/634296 | Trust: 0.6 |
sources:
CNVD: CNVD-2024-46409
EXTERNAL IDS
| db: | NVD | id: | CVE-2024-47407 | Trust: 1.6 |
| db: | ICS CERT | id: | ICSA-24-326-07 | Trust: 1.6 |
| db: | CNVD | id: | CNVD-2024-46409 | Trust: 0.6 |
sources:
CNVD: CNVD-2024-46409 //
NVD: CVE-2024-47407
REFERENCES
| url: | https://www.cisa.gov/news-events/ics-advisories/icsa-24-326-07 | Trust: 1.6 |
sources:
CNVD: CNVD-2024-46409 //
NVD: CVE-2024-47407
SOURCES
| db: | CNVD | id: | CNVD-2024-46409 |
| db: | NVD | id: | CVE-2024-47407 |
LAST UPDATE DATE
2024-11-29T22:48:08.493000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2024-46409 | date: | 2024-11-28T00:00:00 |
| db: | NVD | id: | CVE-2024-47407 | date: | 2024-11-22T23:15:05.347 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2024-46409 | date: | 2024-11-28T00:00:00 |
| db: | NVD | id: | CVE-2024-47407 | date: | 2024-11-22T23:15:05.347 |