HIGHCVE-2026-8603Published Modified CNA icscert
CVE-2026-8603: Improper neutralization of special elements used in an OS command ('OS command injection') in ScadaBR
In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system.
Metrics
- CVSS v4.0
- 8.7
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 1
Affected packages
- ScadaBR / ScadaBR1.2.0
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NReferences