ICSA-22-235-06 · Published 2022-08-23 · View on CISA ICS-CERT ↗

Measuresoft ScadaPro Server and Client

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow arbitrary code execution, privilege escalation, or a denial-of-service condition.

CVE-2022-2894 CVE-2022-2895 CVE-2022-2896 CVE-2022-2897 CVE-2022-2898

Measuresoft is aware of the issues reported and is developing mitigations.
Do not click web links or open attachments in unsolicited email messages.
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Only use project files originating from known, trusted sources.

Measuresoft

Measuresoft · ScadaPro Server and Client vers:all/*

Energy, Critical Manufacturing

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.