Measuresoft.ScadaPro.XF.Function.Remote.Command.Execution
Description
This indicates an attack attempt against a remote Command Execution vulnerability in Measuresoft ScadaPro.
A vulnerability has been reported in ScadaPro that may allow an attacker to execute an arbitrary functions of a DLL on a vulnerable system. This is possible because the user input filters fail to properly sanitize the parameter value that is passed to "XF" command.
Affected Products
Measuresoft ScadaPro 4.0.0 and earlier.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are not aware of any vendor supplied patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |