Security Advisory
mySCADA myDESIGNER Zip Slip
Upgrade to myDESIGNER 8.21.0 or later. Only handle project files from trusted sources. Password protect trusted project files when possible. Block emails with attachments that have a mep extension. If possible, try to handle project files in an isolated environment away from the OT network.
Risk Information
Possible Threat
CVE ID
CVE-2021-41578
Vunerability Type
Path Traversal
CVSS3 Score
7.8
CVSSv3 Vector
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affecting
Mitigation
Upgrade to myDESIGNER 8.21.0 or later
09/27/2021