Lucene search
Esteban Ruiz (mr_me) of Source InciteZDI-19-089HistoryJan 19, 2019 - 12:00 a.m.
LAquis SCADA LGX Report MemoryReadLong Untrusted Pointer Dereference Information Disclosure Vulnerability
2019-01-1900:00:00
Esteban Ruiz (mr_me) of Source Incite
www.zerodayinitiative.com
6
0.01 Low
EPSS
Percentile
83.9%
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the MemoryReadLong method. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the aq process.
Related
zdi
zdi
LAquis SCADA LGX Report File Write Arbitrary File Creation Vulnerability
2019-01-19 00:00:00
prion
prion
Design/Logic Flaw
2019-02-01 17:29:00
nvd
nvd
CVE-2018-18988
2019-02-01 17:29:00
checkpoint_advisories
checkpoint_advisories
LAquis SCADA LGX Report Arbitrary File Write (CVE-2018-18988)
2019-11-04 00:00:00
cve
cve
CVE-2018-18988
2019-02-01 17:29:00
cvelist
cvelist
CVE-2018-18988
2019-01-15 00:00:00
ics
ics
LCDS - LeΓ£o Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA
2019-01-15 12:00:00