Browse all 7 CVE security advisories affecting Gotac. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Gotac develops industrial control systems and SCADA solutions for critical infrastructure. Historically, the product has been vulnerable to multiple remote code execution flaws, cross-site scripting, and privilege escalation vulnerabilities, with seven CVEs documented. Security researchers have identified authentication bypass issues and insecure default configurations as recurring problems. In 2022, a critical RCE vulnerability in Gotac's communication module allowed unauthorized attackers to execute arbitrary code on affected systems without authentication. The company has faced criticism for slow patch response times, leaving critical infrastructure exposed to exploitation. Their products remain widely deployed in energy and manufacturing sectors, making security updates particularly urgent.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1023 | Gotac|Statistics Database System - Missing Authentication — Statistics Database SystemCWE-306 | 7.5 | High | 2026-01-16 |
| CVE-2026-1022 | Gotac|Statistics Database System - Arbitrary File Read — Statistics Database SystemCWE-23 | 7.5 | High | 2026-01-16 |
This page lists every published CVE security advisory associated with Gotac. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.