Skip to main content

Authentication Bypass Using an Alternate Path or Channel

CVE-2021-43985

Severity High
Score 9.8/10

Summary

An unauthenticated remote attacker can access mySCADA myPRO Versions 8.20.0 and prior without any form of authentication or authorization.

  • LOW
  • NETWORK
  • HIGH
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • HIGH

CWE-288 - Authentication Bypass Using an Alternate Path or Channel

A product requires authentication, but the product has an alternate path or channel that does not require authentication.

References

Advisory Timeline

  • Published