← Back to home
ICSA-22-300-04  ·  Published 2022-10-27  ·  View on CISA ICS-CERT ↗

Trihedral VTScada

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of this vulnerability could cause a denial-of-service condition in the affected product.

CVEs (1)

Remediations

  • If a VTScada system must accept incoming HTTP connections, then users should limit accepted connections exclusively to trusted LAN networks accessed by trusted personnel.
  • Upgrading to VTScada 12.0.39 or later fixes this vulnerability.
  • Note: VTScada systems not configured to accept incoming HTTP connections are not affected
  • Users can direct additional questions to Trihedral support.

Affected Vendors

Trihedral

Affected Products (1)

Trihedral · VTScada <= 12.0.38

Affected Sectors

Energy, Water and Wastewater

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more