Remote Code Execution in SmartPTT SCADA 1.1.0.0 via Malicious C# Script Execution

CVE-2023-30459 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and executing it on the server (via server settings in the administrator control panel on port 8101, by default).

Learn more about our Cis Benchmark Audit For Server Software.