The National Computer Emergency Response Team (NCERT) has issued an urgent advisory highlighting two critical security vulnerabilities in mySCADA myPRO, a widely used Supervisory Control and Data Acquisition (SCADA) system. The flaws, identified as CVE-2025-20014 and CVE-2025-20061, enable attackers to execute arbitrary commands remotely, posing severe risks to industrial control environments. Due to their high potential impact, both vulnerabilities have been assigned a 9.3 severity rating on the CVSS v4 scale, indicating the critical nature of the threat.
According to NCERT, these vulnerabilities arise from improper input validation in the affected SCADA systems, allowing cybercriminals to exploit weaknesses via specially crafted POST requests. If successfully leveraged, attackers can gain unauthorized administrative access, execute malicious code, disrupt operations, and compromise sensitive industrial data. The advisory warns that organizations relying on mySCADA myPRO for process automation and industrial management must act swiftly to mitigate the potential consequences of these security flaws.
The affected systems include mySCADA PRO Manager v1.2 and earlier, as well as mySCADA PRO Runtime v9.2.0 and earlier. Organizations operating outdated or unpatched versions are at significant risk, especially those that have SCADA systems exposed to IT networks or the public internet. NCERT has emphasized that environments lacking proper network segmentation are particularly vulnerable to cyberattacks, as these configurations allow attackers to move laterally across systems once an initial breach occurs.
To address these vulnerabilities, NCERT strongly advises organizations to limit network exposure by isolating SCADA systems from public-facing networks. Security teams should implement strict firewall rules to prevent unauthorized access and enforce Multi-Factor Authentication (MFA) along with Role-Based Access Control (RBAC) to restrict administrative privileges. Additionally, continuous monitoring of system logs and network activity is essential to detect and prevent malicious exploitation attempts, especially those involving manipulated POST requests.
As an immediate response, organizations using mySCADA myPRO must upgrade to the latest patched versions—mySCADA PRO Manager v1.3 and mySCADA PRO Runtime v9.2.1—to remediate the identified vulnerabilities. Beyond software updates, NCERT recommends hardening security configurations by disabling unnecessary services, enforcing network segmentation, and deploying application whitelisting mechanisms to block unauthorized software execution. Strengthening overall cybersecurity posture through regular security assessments and vulnerability scans is also encouraged.
Given the increasing frequency and sophistication of cyberattacks targeting industrial control systems, NCERT has stressed the importance of proactive security measures. Organizations must establish comprehensive incident response strategies, conduct regular disaster recovery drills, and maintain secure backups to mitigate potential operational disruptions in the event of an attack. The advisory underscores that failure to address these vulnerabilities could lead to severe industrial shutdowns, financial losses, and significant safety risks, particularly in sectors reliant on automated process control.
As cyber threats continue to evolve, organizations leveraging mySCADA myPRO must act immediately to safeguard their industrial systems. Further details, including security updates and best practices, can be found through official NCERT advisories. Cybersecurity teams are urged to stay vigilant and prioritize the protection of critical infrastructure against emerging threats.
