Scada-LTS
CVE-2025-7729
LOW
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
A vulnerability classified as problematic was found in Scada-LTS up to 2.7.8.1. Affected by this vulnerability is an unknown functionality of the file usersProfiles.shtm. The manipulation of the argument Username leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this issue and confirmed that it will be fixed in the upcoming release 2.8.0.
Analysis (AI)
Stored cross-site scripting (XSS) in Scada-LTS up to version 2.7.8.1 allows authenticated remote attackers to inject malicious scripts via the Username parameter in the usersProfiles.shtm file, with user interaction required to trigger payload execution. The vulnerability has a very low CVSS score (2.0) because it requires authentication and user interaction, but public exploit code is available and the vendor has confirmed remediation in version 2.8.0.
Technical Context (AI)
The vulnerability exists in the usersProfiles.shtm file, a web interface component of Scada-LTS (an industrial SCADA monitoring and control system). The root cause is improper input validation and output encoding of the Username parameter, classified under CWE-79 (Improper Neutralization of Input During Web Page Generation). When user-supplied input from the Username field is reflected in HTTP responses without proper HTML/JavaScript encoding, an attacker with valid credentials can craft a malicious username containing script tags that execute in the victim's browser context when the profile page is viewed.
Remediation (AI)
Upgrade to Scada-LTS version 2.8.0 or later once available from the vendor. Until the patched version is released, apply compensating controls:
(1) Implement strict HTML/JavaScript output encoding for all user-supplied input, especially the Username field in usersProfiles.shtm, by modifying the template to escape special characters before rendering.
(2) Restrict administrative access to the user profiles page to trusted IP addresses or VPN networks using firewall or web application firewall (WAF) rules.
(3) Disable or restrict user self-service profile editing capabilities if business requirements permit, forcing administrators to manage usernames via backend systems only.
(4) Implement Content Security Policy (CSP) headers to prevent inline script execution.
(5) Apply the principle of least privilege to limit which users can create or modify usernames.
Each mitigation trades convenience for security: IP restrictions reduce remote access flexibility, disabling self-service impacts user experience, and CSP may require code refactoring.
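The following sketch illustrates compensating controls (1) and (4) together with write-time validation of the Username value. It is an added example, not Scada-LTS code; the class name, method names, allowlist pattern and CSP value are assumptions, and the usernames are constructed samples.

```java
import java.util.List;
import java.util.regex.Pattern;

// Added illustration; not Scada-LTS source. All class, method and policy names are hypothetical.
public class UsernameOutputEncoding {

    // Assumed allowlist for new usernames; adjust to the deployment's naming policy.
    private static final Pattern ALLOWED = Pattern.compile("^[A-Za-z0-9._@-]{1,40}$");

    // Assumed CSP value for control (4): no inline script, same-origin scripts only.
    static final String CSP = "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'";

    // Control (1): encode for HTML element content and quoted attribute values.
    static String encodeForHtml(String value) {
        if (value == null) return "";
        StringBuilder out = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '&': out.append("&amp;"); break;
                case '<': out.append("&lt;"); break;
                case '>': out.append("&gt;"); break;
                case '"': out.append("&quot;"); break;
                case '\'': out.append("&#39;"); break;
                default: out.append(c);
            }
        }
        return out.toString();
    }

    // Input validation at write time; output encoding is still required for rows already stored.
    static boolean isAcceptableUsername(String value) {
        return value != null && ALLOWED.matcher(value).matches();
    }

    public static void main(String[] args) {
        // Constructed sample usernames, including markup-bearing values a stored record might hold.
        List<String> stored = List.of("operator1", "j.smith@plant", "<b>x</b>", "a\" title=\"t", "O'Neil & Co");
        for (String name : stored) {
            String cell = "<td title=\"" + encodeForHtml(name) + "\">" + encodeForHtml(name) + "</td>";
            System.out.printf("%-16s accept=%-5b %s%n", name, isAcceptableUsername(name), cell);
        }
        System.out.println("Content-Security-Policy: " + CSP);
    }
}
```

Where the template is a JSP, JSTL's `<c:out>` tag applies the same escaping by default, so a hand-written encoder is only needed where the value is concatenated into markup in Java code.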