CVE-2026-8602

In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings.

More information : https://www.cisa.gov/news-events/ics-advisories/icsa-26-139-03