CVE-2018-18996

EPSS 2.5%CWE-74

LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute remote code on the server.

Affected products

ICS-CERT · LCDS Laquis SCADA

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-015-01 http://www.securityfocus.com/bid/106634