CVE-2018-17901

Summary

LAquis SCADA Versions 4.1.0.3870 and prior, when processing project files the application fails to sanitize user input prior to performing write operations on a stack object, which may allow an attacker to execute code under the current process.

Affected Software

VendorProductVersion RangeStatus
LCDS - Leão Consultoria e Desenvolvimento de Sistemas LTDA MELAquis SCADA4.1.0.3870 and prioraffected

Weaknesses

  • CWE-787: OUT-OF-BOUNDS WRITE CWE-787

ADP Enrichment

CVE Program Container

Additional References

References