Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
InSAT MasterSCADA BUK-TS allows remote code execution via web interface
CVE-2026-21410
Summary
The InSAT MasterSCADA BUK-TS web interface is vulnerable to a security threat. This means that an attacker could potentially take control of the system remotely. To protect your network, update your InSAT MasterSCADA BUK-TS system with the latest security patches as soon as possible.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| insat | masterscada | All versions | – |
Original title
InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious users that use the vulnerable endpoint are potentially able to cause remote code execution.
Original description
InSAT MasterSCADA BUK-TS is susceptible to SQL Injection through its main web interface. Malicious users that use the vulnerable endpoint are potentially able to cause remote code execution.
nvd CVSS3.1
9.8
nvd CVSS4.0
9.3
Vulnerability type
CWE-89
SQL Injection
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-05... Third Party Advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-055-01 US Government Resource VDB Entry Third Party Advisory
Published: 24 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026