CVE-2018-18992

HIGH

LCDS Laquis SCADA < 4.1.0.4150 - Remote Code Execution

Title source: llm
STIX 2.1

Description

LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the server.

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/106634

Scores

CVSS v3 8.8
EPSS 0.0198
EPSS Percentile 78.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-74
Status published
Products (1)
lcds/laquis_scada < 4.1.0.4150
Published Feb 05, 2019
Tracked Since Feb 18, 2026