Lucene search
Esteban Ruiz (mr_me) of Source InciteZDI-19-083HistoryJan 19, 2019 - 12:00 a.m.
LAquis SCADA LGX Report MemoryWriteWord Memory Corruption Remote Code Execution Vulnerability
2019-01-1900:00:00
Esteban Ruiz (mr_me) of Source Incite
www.zerodayinitiative.com
3
0.01 Low
EPSS
Percentile
83.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the MemoryWriteWord method. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the aq process.
Related
zdi
zdi
LAquis SCADA LGX Report File Write Arbitrary File Creation Vulnerability
2019-01-19 00:00:00
prion
prion
Design/Logic Flaw
2019-02-01 17:29:00
nvd
nvd
CVE-2018-18988
2019-02-01 17:29:00
checkpoint_advisories
checkpoint_advisories
LAquis SCADA LGX Report Arbitrary File Write (CVE-2018-18988)
2019-11-04 00:00:00
cve
cve
CVE-2018-18988
2019-02-01 17:29:00
cvelist
cvelist
CVE-2018-18988
2019-01-15 00:00:00
ics
ics
LCDS - LeΓ£o Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA
2019-01-15 12:00:00