CVE-2018-18998

CRITICAL

LCDS Laquis SCADA < 4.1.0.4150 - Use of Hard-coded Credentials

Title source: llm
STIX 2.1

Description

LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges.

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/106634

Scores

CVSS v3 9.8
EPSS 0.0238
EPSS Percentile 81.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-798
Status published
Products (1)
lcds/laquis_scada < 4.1.0.4150
Published Feb 05, 2019
Tracked Since Feb 18, 2026