Vulnerabilities > Lcds

DATE CVE VULNERABILITY TITLE RISK
2020-05-04 CVE-2020-10622 Unspecified vulnerability in Lcds Laquis Scada 4.1.0.3870/4.3.1
LCDS LAquis SCADA Versions 4.3.1 and prior.
network
lcds
6.8
2020-05-04 CVE-2020-10618 Information Exposure vulnerability in Lcds Laquis Scada
LCDS LAquis SCADA Versions 4.3.1 and prior.
network
lcds CWE-200
4.3
2019-03-27 CVE-2019-6536 Out-of-bounds Write vulnerability in Lcds Laquis Scada 4.1.0.4150
Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker to execute remote code in the context of the current process.
network
lcds CWE-787
6.8
2019-02-05 CVE-2018-19029 NULL Pointer Dereference vulnerability in Lcds Laquis Scada 4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a controlled memory address, which may allow remote code execution, data exfiltration, or cause a system crash.
network
lcds CWE-476
8.3
2019-02-05 CVE-2018-19002 Code Injection vulnerability in Lcds Laquis Scada 4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash.
network
lcds CWE-94
8.3
2019-02-05 CVE-2018-19000 Improper Authentication vulnerability in Lcds Laquis Scada 4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data.
network
low complexity
lcds CWE-287
5.0
2019-02-05 CVE-2018-18998 Use of Hard-coded Credentials vulnerability in Lcds Laquis Scada 4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges.
network
low complexity
lcds CWE-798
7.5
2019-02-05 CVE-2018-18996 Missing Authorization vulnerability in Lcds Laquis Scada 4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute remote code on the server.
network
low complexity
lcds CWE-862
7.5
2019-02-05 CVE-2018-18992 Injection vulnerability in Lcds Laquis Scada 4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the server.
network
lcds CWE-74
6.8
2019-02-05 CVE-2018-18990 Path Traversal vulnerability in Lcds Laquis Scada 4.1.0.3870
LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation.
network
low complexity
lcds CWE-22
5.0