CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6536 – LAquis SCADA ELS Users.name Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6536
Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker to execute remote code in the context of the current process. Abrir un archivo ELS especialmente manipulado de LCDS LAquis SCADA, en versiones anteriores a la 4.3.1.71, podría resultar en una lectura más allá del final de un búfer asignado, lo que podría permitir que un atacante ejecute código remoto en el contexto del proceso actual. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ELS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. • https://ics-cert.us-cert.gov/advisories/ICSA-19-073-01 https://www.zerodayinitiative.com/advisories/ZDI-19-307 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2018-18988 – LAquis SCADA LGX Report File BlockWrite Arbitrary File Creation Vulnerability
https://notcve.org/view.php?id=CVE-2018-18988
LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may allow remote code execution, data exfiltration, or cause a system crash. LCDS Laquis SCADA, en versiones anteriores a la 4.1.0.4150, permite la ejecución de código script abriendo un archivo de formato de informe especialmente manipulado. Esto podría permitir la ejecución remota de código, la exfiltración de datos o provocar el cierre inesperado del sistema. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. • http://www.securityfocus.com/bid/106634 https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-19004 – LAquis SCADA LQS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-19004
LCDS Laquis SCADA prior to version 4.1.0.4150 allows out of bounds read when opening a specially crafted project file, which may allow data exfiltration. LCDS Laquis SCADA, en versiones anteriores a la 4.1.0.4150, permite una lectura fuera de límites a la hora de abrir un archivo de proyecto especialmente manipulado, lo que podría permitir la exfiltración de datos. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of LQS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • http://www.securityfocus.com/bid/106634 https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 0CVE-2018-18996 – LAquis SCADA Web Server relatorionome NOME Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-18996
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute remote code on the server. LCDS Laquis SCADA, en versiones anteriores a la 4.1.0.4150, permite la recepción de entradas del usuario sin que estén saneadas o autorizadas correctamente, lo que podría permitir a un atacante ejecutar código remoto en el servidor. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to relatorionome.lhtml. When parsing the NOME Element, the process does not properly sanitize user-supplied data, which can lead to the injection of an arbitrary script. • http://www.securityfocus.com/bid/106634 https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 92%CPEs: 1EXPL: 0CVE-2018-18990 – LAquis SCADA Web Server Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-18990
LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information under the context of the web server process. LCDS Laquis SCADA, en versiones anteriores a la 4.1.0.4150, permite una ruta proporcionada por el usuario en operaciones de archivo antes de validarse correctamente. Un atacante podría aprovecharse de esta vulnerabilidad para divulgar información sensible en el contexto del proceso del servidor web. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. • http://www.securityfocus.com/bid/106634 https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •