top of page
perceptive_background_267k.jpg

OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm.

Published:

28 november 2025 om 00:00:00

Alert date:

5 december 2025 om 08:03:23

Source:

cisa.gov

Click to open the original link from this advisory

OpenPLC ScadaBR contains a cross-site scripting vulnerability accessible via the system_settings.shtm file. This vulnerability affects an open-source SCADA component that could be used by different industrial control products. The XSS vulnerability could potentially allow attackers to execute malicious scripts in the context of the SCADA application. Given its industrial control system context and potential for broader impact across multiple products using this component, this represents a significant security concern for operational technology environments.

Technical details

Mitigation steps:

Affected products:

OpenPLC ScadaBR

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2021-26829
https://github.com/SCADA-LTS/Scada-LTS/pull/3211

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page