CVE-2026-8603
CRITICAL WAF: High
CVSS 9.8
Published: 2026-05-19
CWE-78
In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system.
WAF Coverage Analysis
OS Command Injection
High WAF Coverage
OWASP: A03:2021 Injection
932xxx - Remote Code Execution
Affected Software
| Vendor | Product | Version |
|---|---|---|
| scadabr | scadabr | 1.2 |
References
- www.cisa.gov (Third Party Advisory, US Government Resource)