Smartptt Smartptt Scada — known CVE vulnerabilities
Every CVE whose affected-product data names Smartptt Smartptt Scada, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2021-43934 — CVSS 9.8 (critical): Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user…
CVE-2021-43932 — CVSS 9.0 (critical): Elcomplus SmartPTT is vulnerable when an attacker injects JavaScript code into a specific parameter that can executed upon accessing the…
CVE-2021-43939 — CVSS 8.8 (high): Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests…
CVE-2023-30459 — CVSS 7.2 (high): SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and…
CVE-2021-43930 — CVSS 4.9 (medium): Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate download requests, enabling malicious users…