
CVE-2025-8743: Cross Site Scripting in Scada-LTS

Severity: Medium
Tags: Vulnerability, CVE-2025-8743, cve, cve-2025-8743
Published: Fri Aug 08 2025 (08/08/2025, 23:02:06 UTC)
Source: CVE Database V5
Product: Scada-LTS

Description

A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects an unknown part of the file /data_source_edit.shtm of the component Virtual Data Source Property Handler. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

Last updated: 08/16/2025, 01:04:48 UTC

Technical Analysis

CVE-2025-8743 is a medium-severity cross-site scripting (XSS) vulnerability in Scada-LTS versions up to 2.7.8.1, specifically affecting the Virtual Data Source Property Handler component within the /data_source_edit.shtm file. The vulnerability arises from improper sanitization of the 'Name' argument, which an attacker can manipulate to inject malicious scripts. This flaw allows remote attackers to execute arbitrary JavaScript in the context of the victim's browser without requiring authentication, although user interaction is necessary to trigger the payload. The vulnerability has been publicly disclosed, increasing the risk of exploitation, but there are no known active exploits in the wild at this time.

The CVSS 4.0 base score is 5.1, reflecting a medium severity level: the attack vector is network, attack complexity is low and no privileges are required, but user interaction is required and the impact on confidentiality and integrity is limited. The vulnerability could be leveraged to steal session tokens, perform unauthorized actions on behalf of users, or conduct phishing attacks within the Scada-LTS web interface. Given that Scada-LTS is a supervisory control and data acquisition system used for industrial control and monitoring, exploitation could lead to disruption or manipulation of critical infrastructure data if attackers successfully target operators or administrators through social engineering or malicious links.

Potential Impact

For European organizations, particularly those in critical infrastructure sectors such as energy, water management, manufacturing, and transportation that utilize Scada-LTS, this vulnerability poses a risk of unauthorized script execution within the management interface. This could lead to session hijacking, unauthorized command execution, or data manipulation, potentially disrupting industrial processes or causing erroneous system behavior. Although the vulnerability requires user interaction, targeted spear-phishing campaigns against system operators could facilitate exploitation. The impact on confidentiality and integrity is limited but non-negligible, as attackers could gain access to sensitive operational data or manipulate control parameters indirectly. Availability impact is minimal since the vulnerability does not directly allow denial of service. However, the potential for indirect operational disruption through compromised user sessions or injected malicious commands is a concern. European organizations with stringent regulatory requirements for industrial control system security must prioritize addressing this vulnerability to maintain operational resilience and compliance.

Mitigation Recommendations

1. Immediate application of patches or updates from the Scada-LTS vendor once available is the most effective mitigation. Since no patch links are currently provided, organizations should monitor vendor advisories closely.
2. Implement strict input validation and output encoding on the 'Name' parameter within the affected component to prevent script injection.
3. Employ web application firewalls (WAFs) with rules designed to detect and block XSS payloads targeting Scada-LTS interfaces.
4. Restrict access to the Scada-LTS web interface to trusted networks and users via network segmentation and VPNs to reduce exposure.
5. Conduct user awareness training focused on recognizing phishing attempts and suspicious links to mitigate the risk of user interaction exploitation.
6. Enable Content Security Policy (CSP) headers on the Scada-LTS web server to limit the execution of unauthorized scripts.
7. Regularly audit and monitor logs for unusual activities or repeated failed attempts to exploit the vulnerability.
8. Consider multi-factor authentication (MFA) for accessing the Scada-LTS interface to add an additional security layer.


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-08-08T08:53:05.294Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 6896859bad5a09ad00076012

Added to database: 8/8/2025, 11:17:47 PM

Last enriched: 8/16/2025, 1:04:48 AM

Last updated: 9/19/2025, 8:20:34 PM
