Cyber Security News

mySCADA myPRO RCE Vulnerabilities Expose ICS Devices to Remote Control

Supervisory Control and Data Acquisition (SCADA) systems play a pivotal role in managing critical infrastructure across sectors like energy, manufacturing, and more.

However, this digital transformation also brings with it a heightened vulnerability to cyber threats.

Recent research by our security team at PRODAFT has identified critical vulnerabilities in the mySCADA myPRO system, a widely used SCADA management solution headquartered in the Czech Republic.

These vulnerabilities could compromise industrial control systems if exploited, leading to significant operational disruptions and financial losses.

The identified vulnerabilities are detailed in the table below:

VulnerabilityCVECVSS ScoreAffected Products
mySCADA myPRO Manager OS Command Injection via Email ParameterCVE-2025-200619.8 (CVSS v3.1), 9.3 (CVSS v4)myPRO Manager – Versions prior to 1.3
mySCADA myPRO Manager OS Command Injection via Version ParameterCVE-2025-200149.8 (CVSS v3.1), 9.3 (CVSS v4)myPRO Manager – Versions prior to 1.3

Vulnerabilities Details

These vulnerabilities exist due to the improper sanitization of inputs in the myPRO Manager application.

An attacker can exploit these weaknesses by sending specially crafted POST requests containing either email or version parameters to a specific port.

Once executed, these requests can inject system commands, leading to Remote Command Execution (RCE), which allows attackers to execute arbitrary code on the system.

CVE-2025-20061 Details:

  • Impact: Remote Command Execution (RCE)
  • CVSS v3.1 Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
  • CVSS v4 Score: 9.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)

CVE-2025-20014 Details:

  • Impact: Remote Command Execution (RCE)
  • CVSS v3.1 Score: 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
  • CVSS v4 Score: 9.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)

Both vulnerabilities are categorized under CWE-78, highlighting the application’s failure to properly neutralize special elements used in OS commands.

Affected Products

The vulnerabilities affect the following mySCADA products:

  • myPRO Manager: Versions prior to 1.3
  • myPRO Runtime: Versions prior to 9.2.1

These vulnerabilities underscore the persistent security risks associated with SCADA systems and the need for robust defense mechanisms.

 Exploitation could lead to severe operational disruptions, financial losses, and safety hazards.

To address these vulnerabilities effectively, organizations should consider the following strategies:

  • Apply Patches: Immediately install vendor-issued updates for affected products.
  • Network Segmentation: Isolate SCADA systems from IT networks to reduce attack surfaces.
  • Access Controls: Implement strong authentication measures, including multi-factor authentication (MFA).
  • Monitoring: Utilize IDS and SIEM solutions to detect and respond to threats in real-time.
  • Incident Response: Develop and test comprehensive incident response plans for rapid containment and recovery.

As threats against SCADA systems evolve, proactive security research and robust defense strategies remain crucial in securing critical infrastructure.

Please replace the hypothetical CVEs (CVE-2025-20061 and CVE-2025-20014) with the actual CVE identifiers once they are available.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt…

15 hours ago

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code execution…

15 hours ago

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile…

15 hours ago

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application…

15 hours ago

EU Targets Stark Industries in Cyberattack Sanctions Crackdown

The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…

19 hours ago

Venice.ai’s Unrestricted Access Sparks Concerns Over AI-Driven Cyber Threats

Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…

20 hours ago