Details of VAR-202501-3604

ID

VAR-202501-3604

CVE

CVE-2025-20061

TITLE

mySCADA myPRO Command Injection Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-25-088

DESCRIPTION

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system. Authentication is not required to exploit this vulnerability.The specific flaw exists within the web service, which listens on TCP port 34022 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call

Trust: 1.53

sources: NVD: CVE-2025-20061 // ZDI: ZDI-25-088

AFFECTED PRODUCTS

vendor:

myscada

model:

mypro

scope:

version:

Trust: 0.7

sources: ZDI: ZDI-25-088

CVSS

SEVERITY

CVSSV2

CVSSV3

ics-cert@hq.dhs.gov:	CVE-2025-20061
value:	CRITICAL
Trust: 1.0
ZDI:	CVE-2025-20061
value:	CRITICAL
Trust: 0.7

ics-cert@hq.dhs.gov:	CVE-2025-20061
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
ZDI:	CVE-2025-20061
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-25-088 // NVD: CVE-2025-20061

PROBLEMTYPE DATA

problemtype:

CWE-78

Trust: 1.0

sources: NVD: CVE-2025-20061

PATCH

title:

mySCADA has issued an update to correct this vulnerability.

url:

https://www.cisa.gov/news-events/ics-advisories/icsa-25-023-01

Trust: 0.7

sources: ZDI: ZDI-25-088

EXTERNAL IDS

db:	NVD	id:	CVE-2025-20061	Trust: 1.7
db:	ICS CERT	id:	ICSA-25-023-01	Trust: 1.0
db:	ZDI_CAN	id:	ZDI-CAN-24784	Trust: 0.7
db:	ZDI	id:	ZDI-25-088	Trust: 0.7

sources: ZDI: ZDI-25-088 // NVD: CVE-2025-20061

REFERENCES

url:

https://www.cisa.gov/news-events/ics-advisories/icsa-25-023-01

Trust: 1.7

sources: ZDI: ZDI-25-088 // NVD: CVE-2025-20061

CREDITS

Mehmet INCE (@mdisec) from PRODAFT.com

Trust: 0.7

sources: ZDI: ZDI-25-088

SOURCES

db:	ZDI	id:	ZDI-25-088
db:	NVD	id:	CVE-2025-20061

LAST UPDATE DATE

2025-02-22T23:31:27.158000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-25-088	date:	2025-02-19T00:00:00
db:	NVD	id:	CVE-2025-20061	date:	2025-01-29T20:15:35.363

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-25-088	date:	2025-02-19T00:00:00
db:	NVD	id:	CVE-2025-20061	date:	2025-01-29T20:15:35.363