The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added CVE-2021-26829 to its Known Exploited Vulnerabilities (KEV) catalog, signaling an urgent call for remediation across industrial environments. This is an old vulnerability in ScadaBR. Although rated as medium severity (CVSS 5.4), it has proven to be operationally significant.
ScadaBR is an open-source SCADA platform often paired with OpenPLC (an open-source PLC platform). The flaw affects both Windows and Linux versions.
Attackers can inject persistent JavaScript payloads into administrative panels, which execute whenever a privileged user accesses the compromised interface. This can lead to unauthorized modification of control logic and disruption of industrial operations.
Cybersplice offers solutions that can help protect against collateral damage and targeted attacks against Operational Technology, providing rapid visibility of OT networks using our Splicecloud platform. Cybersplice can also create a secure private sensor network via Splice-net, which is an encrypted overlay network that works on top of existing carrier infrastructure, offering secure, carrier-independent connectivity. Furthermore, Cybersplice provides an ICS Secure Access Edge that incorporates logical isolation, vulnerability shielding via an encrypted overlay network, passive node discovery, and secure remote access for operators and support partners.