Skip to main content
Security Advisory

mySCADA myDESIGNER Zip Slip

Upgrade to myDESIGNER 8.21.0 or later. Only handle project files from trusted sources. Password protect trusted project files when possible. Block emails with attachments that have a mep extension. If possible, try to handle project files in an isolated environment away from the OT network.

Risk Information

affected product:

mySCADA myDESIGNER 8.20.0 and below

Possible Threat

CVE ID

CVE-2021-41578

ID

CVE-2021-41578

Source

Dragos

Skill Level

N/A

CVSSV3 BASE / TEMPORAL SCORE

N/A

CVSSV3 vector

N/A

Affecting

  • mySCADA myDESIGNER 8.20.0 and below
  • Vulnerability Type

    Path Traversal

    Disclosure Timeline

    09/27/2021 - Dragos discloses issue