These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-8604 is a high-severity cross-site request forgery (CSRF) issue affecting ScadaBR 1.2.0. According to the CVE description, an attacker could lure a logged-in user to a malicious webpage and use that user’s authenticated session to trigger privileged actions without their intent. The impact is especially important in environments where ScadaBR is used to manage industrial or operational systems, b [truncated]
CVE-2026-8603 is a high-severity OS command injection issue reported for ScadaBR 1.2.0. According to the CVE description, an attacker could execute commands as root on the SCADA system. The NVD record maps the weakness to CWE-78 and shows a CVSS v4.0 vector indicating network reachability, low attack complexity, no user interaction, and high impacts to confidentiality, integrity, and availability. Because [truncated]
CVE-2026-8602 describes a missing authentication issue in ScadaBR 1.2.0 that can let an unauthenticated attacker send HTTP GET requests to the SCADA system and inject arbitrary sensor readings. Because the issue is reachable over the network and affects integrity and availability, exposed deployments should treat it as high priority.