Known Vulnerabilities for products from ScadaBR

Listed below are 7 of the newest known vulnerabilities associated with the vendor "ScadaBR".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-8605 json In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as... Not Provided 2026-05-19 2026-05-21
CVE-2026-8604 json In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's... Not Provided 2026-05-19 2026-05-21
CVE-2026-8603 json In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SC... Not Provided 2026-05-19 2026-05-21
CVE-2026-8602 json In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacke... Not Provided 2026-05-19 2026-05-21
CVE-2025-70973 json ScadaBR 1.12.4 is vulnerable to Session Fixation. The application assigns a JSESSIONID session cookie to unauthenticated user... Not Provided 2026-03-09 2026-04-07
CVE-2019-16344 json A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR/login.htm) in ScadaBR 1.0CE allows a remote attacker t... 6.1 - MEDIUM 2019-10-14 2019-10-17
CVE-2019-16321 json ScadaBR 1.0CE, and 1.1.x through 1.1.0-RC, has XSS via a request for a nonexistent resource, as demonstrated by the dwr/test/... 6.1 - MEDIUM 2019-09-15 2019-09-18

Known software with vulnerabilities from ScadaBR

Type Vendor Product Version
ApplicationScadabrScadabr1.0ce