CVE-2018-19029

Summary

LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a controlled memory address, which may allow remote code execution, data exfiltration, or cause a system crash.

Affected Software

VendorProductVersion RangeStatus
LCDSLCDS Laquis SCADAAll versions prior to version 4.1.0.4150affected

Weaknesses

  • CWE-822: UNTRUSTED POINTER DEREFERENCE CWE-822

ADP Enrichment

CVE Program Container

Additional References

References