Vulnerabilities > CVE-2021-43987 - Hidden Functionality vulnerability in Myscada Mypro 7/7.0.26

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
myscada
CWE-912

Summary

An additional, nondocumented administrative account exists in mySCADA myPRO Versions 8.20.0 and prior that is not exposed through the web interface, which cannot be deleted or changed through the regular web interface.

Vulnerable Configurations

Part Description Count
Application
Myscada
2

Common Weakness Enumeration (CWE)