CVE-2021-41579

LCDS LAquis SCADA through 4.3.1.1085 is vulnerable to a control bypass and path traversal. If an attacker can get a victim to load a malicious els project file and use the play feature, then the attacker can bypass a consent popup and write arbitrary files to OS locations where the user has...

CVE-2019-6536

Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker to execute remote code in the context of the current process...

CVE-2019-6536

CVE-2019-6536 concerns LAquis SCADA’s ELS file handling. Affected: SCADA 4.1.0.4150. Vulnerability: out-of-bounds write (CWE-787) in ELS file processing that may allow code execution in the context of the current process. Technical details across sources vary: ZDI describes remote code execution ...

LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA ELS Files

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: LCDS—Leão Consultoria e Desenvolvimento de Sistemas LTDA ME Equipment: LAquis SCADA Vulnerability: Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution...