Vulnerabilities > Lcds

DATE CVE VULNERABILITY TITLE RISK
2022-05-25 CVE-2021-32989 Unspecified vulnerability in Lcds Laquis Scada
When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting.
network
low complexity
lcds
6.1
2020-05-04 CVE-2020-10622 Unspecified vulnerability in Lcds Laquis Scada
LCDS LAquis SCADA Versions 4.3.1 and prior.
local
low complexity
lcds
7.8
2020-05-04 CVE-2020-10618 Information Exposure vulnerability in Lcds Laquis Scada
LCDS LAquis SCADA Versions 4.3.1 and prior.
local
low complexity
lcds CWE-200
5.5
2019-03-27 CVE-2019-6536 Out-of-bounds Write vulnerability in Lcds Laquis Scada 4.1.0.4150
Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker to execute remote code in the context of the current process.
local
low complexity
lcds CWE-787
7.8
2019-02-05 CVE-2018-19029 NULL Pointer Dereference vulnerability in Lcds Laquis Scada 4.1/4.1.0.3391/4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a controlled memory address, which may allow remote code execution, data exfiltration, or cause a system crash.
local
low complexity
lcds CWE-476
7.8
2019-02-05 CVE-2018-19002 Code Injection vulnerability in Lcds Laquis Scada 4.1/4.1.0.3391/4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash.
local
low complexity
lcds CWE-94
7.8
2019-02-05 CVE-2018-19000 Improper Authentication vulnerability in Lcds Laquis Scada 4.1/4.1.0.3391/4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data.
network
low complexity
lcds CWE-287
5.3
2019-02-05 CVE-2018-18998 Use of Hard-coded Credentials vulnerability in Lcds Laquis Scada 4.1/4.1.0.3391/4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges.
network
low complexity
lcds CWE-798
critical
9.8
2019-02-05 CVE-2018-18996 Missing Authorization vulnerability in Lcds Laquis Scada 4.1/4.1.0.3391/4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute remote code on the server.
network
low complexity
lcds CWE-862
critical
9.8
2019-02-05 CVE-2018-18992 Injection vulnerability in Lcds Laquis Scada 4.1/4.1.0.3391/4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the server.
network
low complexity
lcds CWE-74
8.8