CVE-2021-43987

CRITICAL

mySCADA myPRO <8.20.0 - Info Disclosure

Title source: llm

Description

An additional, nondocumented administrative account exists in mySCADA myPRO Versions 8.20.0 and prior that is not exposed through the web interface, which cannot be deleted or changed through the regular web interface.

References (1)

[Third Party Advisory, US Government Resource] https://www.cisa.gov/uscert/ics/advisories/icsa-21-355-01

Scores

CVSS v3 9.8

EPSS 0.0023

EPSS Percentile 45.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-912

Status published

Products (1)

myscada/mypro < 8.20.0

Published Dec 23, 2021

Tracked Since Feb 18, 2026