Laquisscada: >> Scada >> 4.1.0.4150 Security Vulnerabilities
LCDS LAquis SCADA through 4.3.1.1085 is vulnerable to a control bypass and path traversal. If an attacker can get a victim to load a malicious els project file and use the play feature, then the attacker can bypass a consent popup and write arbitrary files to OS locations where the user has permission, leading to code execution.
CVSS Score
7.8
EPSS Score
0.011
Published
2021-10-04
An attacker who convinces a valid user to open a specially crafted project file to exploit could execute code under the privileges of the application due to an out-of-bounds read vulnerability on the LAquis SCADA (Versions prior to 4.3.1.870).
CVSS Score
7.8
EPSS Score
0.002
Published
2020-10-14