PatchSiren cyber security CVE debrief
CVE-2024-45369 mySCADA CVE debrief
CVE-2024-45369 is a HIGH severity vulnerability (CVSS 8.1) in mySCADA myPRO Manager and myPRO Runtime, published by CISA on November 21, 2024. The vulnerability stems from a weak authentication mechanism in the web application that fails to properly verify that requests originate from authenticated and authorized resources. This authentication weakness could allow attackers to bypass security controls and perform unauthorized actions. The affected products are mySCADA myPRO Manager versions prior to 1.3 and mySCADA myPRO Runtime versions prior to 9.2.1. CISA has not added this vulnerability to the Known Exploited Vulnerabilities (KEV) catalog, and there is no indication of known ransomware campaign use. The vendor has released patched versions to address this issue.
- Vendor: mySCADA
- Product: myPRO Manager
- CVSS: HIGH 8.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-11-21
- Original CVE updated: 2024-11-21
- Advisory published: 2024-11-21
- Advisory updated: 2024-11-21
Who should care
Organizations operating mySCADA myPRO Manager or myPRO Runtime in industrial control system environments, including manufacturing facilities, energy sector operators, water treatment facilities, and other critical infrastructure operators utilizing mySCADA HMI/SCADA solutions. Security teams responsible for OT/ICS network protection and compliance with CISA guidance should prioritize assessment and remediation.
Technical summary
The mySCADA myPRO Manager web application implements insufficient authentication verification for incoming requests. The weak authentication mechanism fails to adequately validate that requests are sourced from authenticated and authorized resources, creating a vector for potential authentication bypass. This vulnerability affects both the management interface (myPRO Manager <1.3) and the runtime environment (myPRO Runtime <9.2.1). The CVSS 3.1 score of 8.1 reflects network attack vector, high attack complexity, no privileges required, no user interaction, and high impacts to confidentiality, integrity, and availability. Organizations operating industrial control systems with mySCADA products should prioritize patching to prevent unauthorized system access and potential manipulation of industrial processes.
Defensive priority
HIGH
Recommended defensive actions
- Update mySCADA myPRO Manager to version 1.3 or later
- Update mySCADA myPRO Runtime to version 9.2.1 or later
- Review and strengthen authentication mechanisms for all web application endpoints
- Implement network segmentation to limit exposure of SCADA systems
- Monitor for unauthorized access attempts to myPRO Manager and Runtime interfaces
- Apply CISA ICS recommended practices for defense-in-depth security
- Ensure only authorized personnel have administrative access to mySCADA systems
Evidence notes
Vulnerability details sourced from CISA CSAF advisory ICSA-24-326-07. CVSS 3.1 vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. Affected products confirmed through CSAF product tree: myPRO Manager (<1.3) and myPRO Runtime (<9.2.1).
Official resources
- CVE-2024-45369 CVE record (CVE.org)
- CVE-2024-45369 NVD detail (NVD)
- Source item URL (cisa_csaf)