On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 1.03.07 devices, unauthenticated remote attackers can overwrite, delete, or create files.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H | 3.9 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-306,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| iclinks | weblib | 1.22 |
| iclinks | scadaflex_ii_firmware | 1.02.15 |
| iclinks | scadaflex_ii_firmware | 1.02.20 |
| iclinks | scadaflex_ii_firmware | 1.01.14 |
| iclinks | weblib | 1.13 |
| iclinks | scadaflex_ii_firmware | 1.03.07 |
| iclinks | weblib | 1.14 |
| iclinks | weblib | 1.16 |
| iclinks | scadaflex_ii_firmware | 1.02.01 |
| iclinks | scadaflex_ii_firmware | 1.01.01 |
| iclinks | weblib | 1.24 |