CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-41578

mySCADA myDESIGNER 8.20.0 and below allows Directory Traversal attacks when importing project files. If an attacker can trick a victim into importing a malicious mep file, then they gain the ability to write arbitrary files to OS locations where the user has permission. This would typically lead to code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.3%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

Products affected by CVE-2021-41578

Myscada » Mydesigner » Version: 8.11.0

cpe:2.3:a:myscada:mydesigner:8.11.0
Myscada » Mydesigner » Version: 8.12.0

cpe:2.3:a:myscada:mydesigner:8.12.0
Myscada » Mydesigner » Version: 8.13.0

cpe:2.3:a:myscada:mydesigner:8.13.0
Myscada » Mydesigner » Version: 8.14.0

cpe:2.3:a:myscada:mydesigner:8.14.0
Myscada » Mydesigner » Version: 8.15.0

cpe:2.3:a:myscada:mydesigner:8.15.0
Myscada » Mydesigner » Version: 8.16.0

cpe:2.3:a:myscada:mydesigner:8.16.0
Myscada » Mydesigner » Version: 8.17.0

cpe:2.3:a:myscada:mydesigner:8.17.0
Myscada » Mydesigner » Version: 8.18.0

cpe:2.3:a:myscada:mydesigner:8.18.0
Myscada » Mydesigner » Version: 8.19.0

cpe:2.3:a:myscada:mydesigner:8.19.0
Myscada » Mydesigner » Version: 8.20.0

cpe:2.3:a:myscada:mydesigner:8.20.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-41578

Products

Pricing

Contact Us