CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-70973

ScadaBR 1.12.4 is vulnerable to Session Fixation. The application assigns a JSESSIONID session cookie to unauthenticated users and does not regenerate the session identifier after successful authentication. As a result, a session created prior to login becomes authenticated once the victim logs in, allowing an attacker who knows the session ID to hijack an authenticated session.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.9%

CVSS Severity

CVSS v3 Score 4.8

References

https://github.com/chiranjib2001/ScadaBR/blob/main/README.md

Products affected by CVE-2025-70973

Scadabr » Scadabr » Version: 1.12.4

cpe:2.3:a:scadabr:scadabr:1.12.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-70973

Products

Pricing

Contact Us