mySCADA myPRO
Plan Patch | 8.8 | ICS-CERT ICSA-22-083-02 | Mar 24, 2022
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
mySCADA myPRO version 8.25.0 and earlier contains a command injection vulnerability that allows authenticated users to execute arbitrary operating system commands. The flaw exists in the application's handling of user input and could enable an attacker to run commands with the privileges of the myPRO process.
What this means
What could happen
An attacker with valid myPRO credentials could inject and execute arbitrary commands on the server, potentially gaining full control of the SCADA system and its ability to monitor or control energy infrastructure.
Who's at risk
Energy utilities and other organizations operating mySCADA myPRO for SCADA monitoring and control. This affects anyone using myPRO version 8.25.0 or earlier who has allowed internal or remote access to the application.
How it could be exploited
An attacker with valid credentials to myPRO logs in and injects operating system commands through an input field or parameter. The application fails to sanitize the input, allowing the injected commands to execute with the privileges of the myPRO service, giving the attacker command-line access to the underlying operating system.
Prerequisites
- Valid myPRO user credentials
- Network access to the myPRO application
- Knowledge of a command injection point in the application interface
Tags: requires valid credentials, network-accessible, low complexity attack, affects SCADA control systems, impacts energy sector
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
Product | Affected Versions | Fix Status
myPRO | ≤ 8.25.0 | 8.26 or higher
Remediation & Mitigation
Do now
- HARDENING: Restrict network access to myPRO to authorized users only; do not expose the application to the Internet or untrusted networks
- HARDENING: Apply principle of least privilege to myPRO user accounts—grant only the minimum necessary permissions
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Upgrade myPRO to version 8.26 or higher
Long-term hardening
- HARDENING: Place myPRO behind a firewall and isolate it from the business network
CVEs (1)