Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

measuresoft scadapro server vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2012-1824
Untrusted search path vulnerability in Measuresoft ScadaPro Client prior to 4.0.0 and ScadaPro Server prior to 4.0.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Measuresoft Scadapro ServerMeasuresoft Scadapro Client
7.8
CVSSv3
CVE-2022-2897
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow privilege escalation..
Measuresoft Scadapro ServerMeasuresoft Scadapro Client
5.5
CVSSv3
CVE-2022-2898
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file access; this could allow a denial-of-service condition.
Measuresoft Scadapro ServerMeasuresoft Scadapro Client
7.8
CVSSv3
CVE-2022-2892
Measuresoft ScadaPro Server (Versions before 6.8.0.1) uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file.
Measuresoft Scadapro Server
7.8
CVSSv3
CVE-2022-2894
Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. The controls may allow seven untrusted pointer deference instances while processing a specific project file.
Measuresoft Scadapro Server
7.8
CVSSv3
CVE-2022-2895
Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file.
Measuresoft Scadapro Server
7.8
CVSSv3
CVE-2022-2896
Measuresoft ScadaPro Server (All Versions) allows use after free while processing a specific project file.
Measuresoft Scadapro Server
7.8
CVSSv3
CVE-2022-3263
The security descriptor of Measuresoft ScadaPro Server version 6.7 has inconsistent permissions, which could allow a local user with limited privileges to modify the service binary path and start malicious commands with SYSTEM privileges.
Measuresoft Scadapro Server 6.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validationCVE-2012-1823malicious code‎CVE-2024-5770CVE-2023-45866CVE-2024-35687local usersCVE-2024-31246CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook