CVE-2021-41579
- EPSS 1.08%
- Veröffentlicht 04.10.2021 18:15:09
- Zuletzt bearbeitet 21.11.2024 06:26:27
LCDS LAquis SCADA through 4.3.1.1085 is vulnerable to a control bypass and path traversal. If an attacker can get a victim to load a malicious els project file and use the play feature, then the attacker can bypass a consent popup and write arbitrary...
CVE-2020-25188
- EPSS 0.19%
- Veröffentlicht 14.10.2020 13:15:13
- Zuletzt bearbeitet 21.11.2024 05:17:35
An attacker who convinces a valid user to open a specially crafted project file to exploit could execute code under the privileges of the application due to an out-of-bounds read vulnerability on the LAquis SCADA (Versions prior to 4.3.1.870).
CVE-2019-10980
- EPSS 0.16%
- Veröffentlicht 05.08.2019 19:15:11
- Zuletzt bearbeitet 21.11.2024 04:20:17
A type confusion vulnerability may be exploited when LAquis SCADA 4.3.1.71 processes a specially crafted project file. This may allow an attacker to execute remote code. The attacker must have local access to the system. A CVSS v3 base score of 7.8 h...
CVE-2019-10994
- EPSS 0.15%
- Veröffentlicht 05.08.2019 19:15:11
- Zuletzt bearbeitet 21.11.2024 04:20:18
Processing a specially crafted project file in LAquis SCADA 4.3.1.71 may trigger an out-of-bounds read, which may allow an attacker to obtain sensitive information. The attacker must have local access to the system. A CVSS v3 base score of 2.5 has be...