CVE-2017-6016
HIGHLCDS LAquis SCADA < 4.1 - Authenticated Privilege Escalation via File Modification
Title source: llmDescription
An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA. The following versions are affected: Versions 4.1 and prior versions released before January 20, 2017. An Improper Access Control vulnerability has been identified, which may allow an authenticated user to modify application files to escalate privileges.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/96942
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-17-075-01
Scores
CVSS v3
7.3
EPSS
0.0032
EPSS Percentile
24.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-284
Status
published
Products (2)
leao_consultoria_e_desenvolvimento_de_sistemas/ltda_me_laquis_scada
< 4.1
n/a/LCDS Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA
LCDS Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA
Published
May 19, 2017
Tracked Since
Feb 18, 2026