PT-2019-9686 · Lcds · Lcds Laquis Scada

Esteban Ruiz

Publicado

2019-01-19

Atualizado

2019-10-09

CVE-2018-18986

CVSS v2.0

8.3

Alta

Vetor

AV:N/AC:M/Au:N/C:P/I:P/A:C

Name of the Vulnerable Software and Affected Versions LCDS Laquis SCADA versions prior to 4.1.0.4150

Description The issue allows the opening of a specially crafted report format file, which may cause an out of bounds read. This can lead to a system crash, allow data exfiltration, or enable remote code execution.

Recommendations For versions prior to 4.1.0.4150, update to version 4.1.0.4150 or later to resolve the issue. As a temporary workaround, consider restricting the opening of report format files from untrusted sources until a patch is applied.

Correção

Memory Corruption

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-125

Identificadores relacionados

CVE-2018-18986

ZDI-19-057

Produtos afetados

Lcds Laquis Scada

PT-2019-9686 · Lcds · Lcds Laquis Scada

CVE-2018-18986

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5