Structured Exception Handler Overflow in LAquis SCADA by Leao Consultoria e Desenvolvimento de Sistemas
CVE-2018-5463

7.8HIGH

Key Information:

Vendor: Ics-cert
Status: Lcds - LeÃ£o Consultoria E Desenvolvimento De Sistemas Ltda Me Laquis Scada
Vendor: CVE Published:; 9 April 2018

What is CVE-2018-5463?

A vulnerability exists in LAquis SCADA, produced by Leao Consultoria e Desenvolvimento de Sistemas, that can be exploited through a structured exception handler overflow. This flaw in versions 4.1.0.3391 and earlier allows an attacker to execute arbitrary code on affected systems, potentially compromising the integrity and availability of the SCADA environment. Organizations using affected versions need to address this vulnerability promptly to safeguard their systems against potential exploits.

Affected Version(s)

LCDS - LeÃ£o Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA 4.1.0.3391 and prior

References

https://ics-cert.us-cert.gov/advisories/ICSA-18-095-03

x_refsource_MISC

http://www.securityfocus.com/bid/103724

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 9, 2018
Vulnerability Reserved
Jan 12, 2018

CVE-2018-5463 Data

JSON

Ics-cert

What is CVE-2018-5463?

Affected Version(s)

References

CVSS V3.1

Timeline