Vulnerabilities for Laquis scada (...) - CXSECURITY.COM

Vulnerabilities for 'Laquis scada'

2020-05-04

CVE-2020-10622

NVD-CWE-noinfo

LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users

CVE-2020-10618

CWE-200

LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to sensitive information exposure by unauthorized users.

2019-03-27

CVE-2019-6536

CWE-787

Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker to execute remote code in the context of the current process.

2018-10-16

CVE-2018-17911

CWE-119

LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution.

CVE-2018-17901

CWE-787

LAquis SCADA Versions 4.1.0.3870 and prior, when processing project files the application fails to sanitize user input prior to performing write operations on a stack object, which may allow an attacker to execute code under the current process.

CVE-2018-17899

CWE-22

LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal vulnerability, which may allow remote code execution.

CVE-2018-17897

CWE-190

LAquis SCADA Versions 4.1.0.3870 and prior has several integer overflow to buffer overflow vulnerabilities, which may allow remote code execution.

CVE-2018-17895

CWE-125

LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which may allow remote code execution.

CVE-2018-17893

CWE-476

LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer dereference vulnerability, which may allow remote code execution.

2018-04-09

CVE-2018-5463

CWE-119

A structured exception handler overflow vulnerability in Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA 4.1.0.3391 and earlier may allow code execution.

Copyright 2024, cxsecurity.com