Lcds Laquis_scada
22 CVEs affecting Lcds Laquis_scada. Latest disclosed: 2022-05-25. Critical: 6, High: 11.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-18998 | Critical | 9.8 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges. |
CVE-2018-18996 | Critical | 9.8 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute re… |
CVE-2018-17897 | Critical | 9.8 | 2018-10-17 | LAquis SCADA Versions 4.1.0.3870 and prior has several integer overflow to buffer overflow vulnerabilities, which may allow remote code execution. |
CVE-2018-17895 | Critical | 9.8 | 2018-10-17 | LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which may allow remote code execution. |
CVE-2018-17893 | Critical | 9.8 | 2018-10-17 | LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer dereference vulnerability, which may allow remote code execution. |
CVE-2021-32989 | Critical | 9.3 | 2022-05-25 | When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cr… |
CVE-2018-18992 | High | 8.8 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the… |
CVE-2018-18988 | High | 8.8 | 2019-02-01 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may allow remote code exe… |
CVE-2018-17899 | High | 8.8 | 2018-10-17 | LAquis SCADA Versions 4.1.0.3870 and prior has a path traversal vulnerability, which may allow remote code execution. |
CVE-2020-10622 | High | 7.8 | 2020-05-04 | LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users |
CVE-2019-6536 | High | 7.8 | 2019-03-27 | Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker t… |
CVE-2018-19029 | High | 7.8 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a controlled memory address, wh… |
CVE-2018-19002 | High | 7.8 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remo… |
CVE-2018-18986 | High | 7.8 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a specially crafted report format file that may cause an out of bounds read, which may caus… |
CVE-2018-17911 | High | 7.8 | 2018-10-17 | LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution. |
CVE-2018-17901 | High | 7.8 | 2018-10-17 | LAquis SCADA Versions 4.1.0.3870 and prior, when processing project files the application fails to sanitize user input prior to performing write operations on… |
CVE-2018-5463 | High | 7.8 | 2018-04-09 | A structured exception handler overflow vulnerability in Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA 4.1.0.3391 and earlier may… |
CVE-2020-10618 | Medium | 5.5 | 2020-05-04 | LCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to sensitive information exposure by unauthorized users. |
CVE-2018-19000 | Medium | 5.3 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data. |
CVE-2018-18990 | Medium | 5.3 | 2019-02-05 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerab… |