CVE-2018-18988

LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may allow remote code execution, data exfiltration, or cause a system crash.
References
Link Resource
http://www.securityfocus.com/bid/106634 Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

cpe:2.3:a:lcds:laquis_scada:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-02-01 17:29

Updated : 2024-02-04 20:03


NVD link : CVE-2018-18988

Mitre link : CVE-2018-18988

CVE.ORG link : CVE-2018-18988


JSON object : View

Products Affected

lcds

  • laquis_scada
CWE
CWE-20

Improper Input Validation

CWE-125

Out-of-bounds Read