← back
CVE-2023-28384

CVE-2023-28384

CVSS 8.8 HIGHEPSS 44.8%
Vexday Risk Score
48Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 8.8EPSS 44.8%KEV nãoPoC Nuclei Metasploit simPatch
Lifecycle
22 Sep 2022Metasploit module available
27 Apr 2023Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
mySCADA Technologies · mySCADA myPRO

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.cisa.gov/news-events/ics-advisories/icsa-23-096-06