Vulnerabilities > CVE-2017-6016 - Local Access Bypass vulnerability in LAquis SCADA

CVSS 4.4 - MEDIUM

Attack vector

LOCAL

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

leao-consultoria-e-desenvolvimento-de-sistemas

NVD

Published: 2017-05-19

Updated: 2019-10-09

Summary

An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA. The following versions are affected: Versions 4.1 and prior versions released before January 20, 2017. An Improper Access Control vulnerability has been identified, which may allow an authenticated user to modify application files to escalate privileges.

Vulnerable Configurations

Part	Description	Count
Application	Leao_Consultoria_E_Desenvolvimento_De_Sistemas Leao Consultoria E Desenvolvimento DE Sistemas Ltda ME Laquis Scada *	1

References

http://www.securityfocus.com/bid/96942
https://ics-cert.us-cert.gov/advisories/ICSA-17-075-01