CVE-2025-24865

CRITICAL

mySCADA myPRO Manager - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-24865. PoCs published by Michael Heinzl, including Metasploit module auxiliary/admin/scada/mypro_mgr_creds.

AI-analyzed exploit summary: This Metasploit module exploits a broken authentication vulnerability (CVE-2025-24865) in mySCADA myPRO Manager <= v1.3 to harvest cleartext credentials (CVE-2025-22896) from the notification configuration page without proper authentication.

Description

The administrative web interface of mySCADA myPRO Manager can be accessed without authentication, which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password.

Exploits (1)

metasploit · WORKING POC
by Michael Heinzl · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/scada/mypro_mgr_creds.rb

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: mySCADA myPRO Manager <= v1.3
No auth needed
Prerequisites: Network access to the target's web interface (port 34022 by default)
devstral-2 · analyzed Apr 13, 2026

Scores

CVSS v3 10.0
EPSS 0.6723
EPSS Percentile 98.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE CWE-306
Status published
Products (1)
myscada/mypro < 1.4
Published Feb 13, 2025
Tracked Since Feb 18, 2026