CVE-2025-35941 is a medium-severity vulnerability identified in version 1.3 of the mySCADA myPRO product. The core issue involves local exposure of a password, classified under CWE-522, which pertains to the storage or exposure of credentials in an insecure manner. Specifically, the vulnerability allows an attacker with local access and low privileges (PR:L) to obtain a password without requiring user interaction (UI:N). The CVSS 3.1 base score is 5.5, reflecting a moderate impact primarily on confidentiality (C:H), with no impact on integrity or availability (I:N/A:N). The attack vector is local (AV:L), meaning the attacker must have some form of local access to the affected system. The vulnerability does not require elevated privileges beyond low-level access, which increases the risk if local access controls are weak. No known exploits are currently reported in the wild, and no patches have been published yet. The vulnerability could allow unauthorized disclosure of sensitive credentials, potentially enabling further unauthorized access or lateral movement within an industrial control or SCADA environment where myPRO is deployed. Given the nature of mySCADA products, which are often used in industrial automation and critical infrastructure monitoring, the exposure of passwords could have significant operational security implications if exploited.

For European organizations, particularly those operating in industrial automation, energy, manufacturing, or critical infrastructure sectors, this vulnerability poses a confidentiality risk. Exposure of passwords locally could lead to unauthorized access to control systems or sensitive operational data. While the vulnerability requires local access, insider threats or attackers who gain initial footholds via other means could exploit this weakness to escalate privileges or move laterally within networks. This could disrupt operational continuity or lead to data breaches. The impact is heightened in environments where mySCADA myPRO is integrated into critical processes, as unauthorized access could indirectly affect safety, production, or service availability. However, since integrity and availability are not directly impacted by this vulnerability, the immediate risk is limited to credential exposure rather than direct system manipulation or denial of service. European organizations with stringent local access controls and monitoring may mitigate some risk, but those with less mature internal security controls could be more vulnerable.

Organizations should implement strict local access controls and monitoring to limit who can access systems running mySCADA myPRO version 1.3. Employing endpoint security solutions that detect unauthorized local access attempts is critical. Since no patch is currently available, organizations should consider isolating affected systems from less trusted users and networks to reduce exposure. Regularly auditing and rotating credentials used by myPRO can limit the window of opportunity for attackers. Additionally, deploying host-based intrusion detection systems (HIDS) and enforcing the principle of least privilege for local accounts can reduce the risk of exploitation. Organizations should also prepare to apply patches promptly once they become available and consider engaging with mySCADA support for any recommended interim mitigations or configuration changes. Finally, raising awareness among staff about the risks of local credential exposure and insider threats can help reduce accidental or malicious misuse.