InSAT MasterSCADA BUK-TS
Plan Patch | CVSS 9.8 | ICS-CERT ICSA-26-055-01 | Feb 24, 2026
Energy
Attack path
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
InSAT MasterSCADA BUK-TS contains SQL injection (CWE-89) and OS command injection (CWE-78) vulnerabilities that allow remote code execution. All versions of the product are affected. The vendor has not responded to CISA requests for mitigation and has not issued patches. Users are advised to contact InSAT directly for additional information and security guidance.
What this means
What could happen
An attacker with network access to InSAT MasterSCADA BUK-TS can execute arbitrary code on the system, potentially gaining full control over your SCADA server and the ability to manipulate critical process operations or shut down systems.
Who's at risk
Organizations operating energy infrastructure that rely on InSAT MasterSCADA BUK-TS for supervisory control and monitoring are at critical risk. This includes utilities managing power generation, distribution, or industrial process automation where this SCADA platform is deployed.
How it could be exploited
An attacker reaches the MasterSCADA BUK-TS system over the network. The system accepts unauthenticated input that is passed unsanitized to system commands or interpreted as code, allowing the attacker to execute arbitrary commands with the privileges of the SCADA server process.
Prerequisites
- Network access to the MasterSCADA BUK-TS system (typically on port 8080 or 8443 for the web interface)
- No authentication required to trigger the vulnerability
remotely exploitable, no authentication required, low complexity, no patch available, affects control systems, SQL injection (CWE-89) and OS command injection (CWE-78) vulnerabilities
Exploitability
Some exploitation risk — EPSS score 1.3%
Affected products (1)
Product | Affected Versions | Fix Status
MasterSCADA BUK-TS: vers:all/* | All versions | No fix (EOL)
Remediation & Mitigation
Do now
- HARDENING: Isolate InSAT MasterSCADA BUK-TS systems from untrusted networks immediately. Implement firewall rules to restrict access to only known engineering workstations and HMI clients that require connection.
- WORKAROUND: Disable remote access to the MasterSCADA BUK-TS web interface if not operationally required. If remote access is necessary, place the system behind a VPN or jump server that requires strong authentication.
- HARDENING: Monitor MasterSCADA BUK-TS systems for unexpected process execution, network connections, or changes to configuration files using host-based logging.
- WORKAROUND: Contact InSAT at info@insat.ru or scada@insat.ru to request security guidance and determine if a patch or mitigation is available.
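The isolation rule above can be verified against firewall or flow logs. The following is an added example, not part of the advisory or any InSAT tooling: it flags connections to the web interface ports named under Prerequisites (8080, 8443) from sources outside an allowlist. The server address, allowlist entries and log format are assumptions, and the log lines are constructed.

```python
import ipaddress
import re

# Assumptions (not from the advisory): server address, allowlist, log format.
SCADA_HOST = ipaddress.ip_address("10.10.1.10")
WEB_PORTS = {8080, 8443}  # ports the advisory names as typical for the web interface
ALLOWED_SOURCES = [
    ipaddress.ip_network("10.10.5.21/32"),  # hypothetical engineering workstation
    ipaddress.ip_network("10.10.6.0/28"),   # hypothetical HMI client subnet
]

# Constructed sample flow records (timestamp src dst dport action).
SAMPLE_LOG = """\
2026-02-24T10:01:02Z src=10.10.5.21 dst=10.10.1.10 dport=8443 action=accept
2026-02-24T10:03:17Z src=10.10.6.4 dst=10.10.1.10 dport=8080 action=accept
2026-02-24T10:07:45Z src=192.0.2.77 dst=10.10.1.10 dport=8443 action=accept
2026-02-24T10:09:30Z src=10.10.9.50 dst=10.10.1.10 dport=8080 action=drop
2026-02-24T10:11:02Z src=10.10.9.50 dst=10.10.1.10 dport=502 action=accept
this line is malformed
"""

LINE_RE = re.compile(r"^(\S+) src=(\S+) dst=(\S+) dport=(\d+) action=(\w+)$")

def audit(log_text):
    """Return (findings, skipped) for web-interface flows from non-allowlisted sources."""
    findings, skipped = [], 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1          # count unparseable lines instead of hiding them
            continue
        ts, src, dst, dport, action = m.groups()
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        except ValueError:
            skipped += 1
            continue
        if dst_ip != SCADA_HOST or int(dport) not in WEB_PORTS:
            continue              # not traffic to the SCADA web interface
        if any(src_ip in net for net in ALLOWED_SOURCES):
            continue              # expected engineering/HMI client
        # accept = hole in the isolation rule; drop = blocked attempt worth reviewing
        severity = "ALLOWED-GAP" if action == "accept" else "BLOCKED-ATTEMPT"
        findings.append((ts, src, int(dport), severity))
    return findings, skipped

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG)[0]:
        print(*finding)
```

An ALLOWED-GAP finding means the firewall passed a source that is not on the allowlist, so the isolation rule needs tightening; the skipped count should be reviewed so that a log format change does not silently blind the check.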
Mitigations - no patch available
MasterSCADA BUK-TS: vers:all/* has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
- HARDENING: Evaluate replacement or migration away from InSAT MasterSCADA BUK-TS to a vendor that actively maintains security patches. Begin long-term planning for end-of-life or alternative SCADA solutions.
CVEs (2)