CVE-2018-18994

HIGH

Laquisscada Laquis Scada < 4.1.0.4150 - Out-of-Bounds Read

Title source: rule
STIX 2.1

Description

LCDS Laquis SCADA prior to version 4.1.0.4150 allows an out of bounds read when opening a specially crafted project file, which may cause a system crash or allow data exfiltration.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01

Scores

CVSS v3 7.1
EPSS 0.0013
EPSS Percentile 32.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Details

CWE
CWE-125
Status published
Products (1)
laquisscada/laquis_scada < 4.1.0.4150
Published Mar 27, 2019
Tracked Since Feb 18, 2026