var-201903-0180
Vulnerability from variot

Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker to execute remote code in the context of the current process. LCDS LAquis SCADA ELS File Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of ELS files. LCDS LAquis SCADA is a SCADA (Data Acquisition and Monitoring Control) system from LCDS, Brazil. The system is mainly used for data acquisition and process control of devices with communication technology. There is an out-of-bounds write vulnerability in LCDS LAquis SCADA. LAquis SCADA is prone to an arbitrary code-execution vulnerability. Failed attempts will likely cause a denial-of-service condition. LAquis SCADA 4.1.0.4150 is vulnerable; other versions may also be vulnerable

Show details on source website


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "laquis scada",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "lcds",
        "version": "4.1.0.4150"
      },
      {
        "_id": null,
        "model": "laquis scada",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "lcds",
        "version": "4.3.1.71"
      },
      {
        "_id": null,
        "model": "scada",
        "scope": null,
        "trust": 0.7,
        "vendor": "laquis",
        "version": null
      },
      {
        "_id": null,
        "model": "laquis scada",
        "scope": null,
        "trust": 0.6,
        "vendor": "lcds",
        "version": null
      },
      {
        "_id": null,
        "model": "le\u00e3o consultoria e desenvolvimento de sistemas ltda me laquis scada",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "lcds",
        "version": "-4.1.0.4150"
      },
      {
        "_id": null,
        "model": "le\u00e3o consultoria e desenvolvimento de sistemas ltda me laquis scada",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "lcds",
        "version": "-4.3.1.71"
      },
      {
        "_id": null,
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "laquis scada",
        "version": "4.1.0.4150"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6957150b-ef62-4aad-a770-6439342094ff"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-307"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14979"
      },
      {
        "db": "BID",
        "id": "107418"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003018"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6536"
      }
    ]
  },
  "configurations": {
    "_id": null,
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:lcds:laquis_scada",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003018"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Mat Powell of Trend Micro Zero Day Initiative",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-307"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2019-6536",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2019-6536",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2019-14979",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "6957150b-ef62-4aad-a770-6439342094ff",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2019-6536",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "ZDI",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2019-6536",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 0.7,
            "userInteraction": "REQUIRED",
            "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-6536",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-6536",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2019-6536",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-14979",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201903-575",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "6957150b-ef62-4aad-a770-6439342094ff",
            "trust": 0.2,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6957150b-ef62-4aad-a770-6439342094ff"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-307"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14979"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003018"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-575"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6536"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker to execute remote code in the context of the current process. LCDS LAquis SCADA ELS File Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of ELS files. LCDS LAquis SCADA is a SCADA (Data Acquisition and Monitoring Control) system from LCDS, Brazil. The system is mainly used for data acquisition and process control of devices with communication technology. There is an out-of-bounds write vulnerability in LCDS LAquis SCADA. LAquis SCADA is prone to an arbitrary code-execution vulnerability. Failed attempts will likely cause a denial-of-service condition. \nLAquis SCADA 4.1.0.4150 is vulnerable; other versions may also be vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-6536"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003018"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-307"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14979"
      },
      {
        "db": "BID",
        "id": "107418"
      },
      {
        "db": "IVD",
        "id": "6957150b-ef62-4aad-a770-6439342094ff"
      }
    ],
    "trust": 3.24
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-6536",
        "trust": 4.2
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-073-01",
        "trust": 3.3
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-307",
        "trust": 2.3
      },
      {
        "db": "BID",
        "id": "107418",
        "trust": 1.5
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14979",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-575",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003018",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-7374",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.0846",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "6957150B-EF62-4AAD-A770-6439342094FF",
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6957150b-ef62-4aad-a770-6439342094ff"
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-307"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14979"
      },
      {
        "db": "BID",
        "id": "107418"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003018"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-575"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6536"
      }
    ]
  },
  "id": "VAR-201903-0180",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "6957150b-ef62-4aad-a770-6439342094ff"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14979"
      }
    ],
    "trust": 1.4364672
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "6957150b-ef62-4aad-a770-6439342094ff"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14979"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:33:58.525000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "https://laquisscada.com/"
      },
      {
        "title": "LAquis has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-073-01"
      },
      {
        "title": "Patch for LCDS LAquis SCADA Buffer Overflow Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/161905"
      },
      {
        "title": "LCDS LAquis SCADA Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90161"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-307"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14979"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003018"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-575"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003018"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6536"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 4.0,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-073-01"
      },
      {
        "trust": 1.6,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-19-307/"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6536"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6536"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/77214"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/107418"
      },
      {
        "trust": 0.3,
        "url": "http://laquisscada.com/instale1.php"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-19-307"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14979"
      },
      {
        "db": "BID",
        "id": "107418"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003018"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-575"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6536"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "IVD",
        "id": "6957150b-ef62-4aad-a770-6439342094ff",
        "ident": null
      },
      {
        "db": "ZDI",
        "id": "ZDI-19-307",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14979",
        "ident": null
      },
      {
        "db": "BID",
        "id": "107418",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003018",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-575",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6536",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2019-05-22T00:00:00",
        "db": "IVD",
        "id": "6957150b-ef62-4aad-a770-6439342094ff",
        "ident": null
      },
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-307",
        "ident": null
      },
      {
        "date": "2019-05-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14979",
        "ident": null
      },
      {
        "date": "2019-03-14T00:00:00",
        "db": "BID",
        "id": "107418",
        "ident": null
      },
      {
        "date": "2019-05-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-003018",
        "ident": null
      },
      {
        "date": "2019-03-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-575",
        "ident": null
      },
      {
        "date": "2019-03-27T16:29:00.780000",
        "db": "NVD",
        "id": "CVE-2019-6536",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2019-04-02T00:00:00",
        "db": "ZDI",
        "id": "ZDI-19-307",
        "ident": null
      },
      {
        "date": "2019-05-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14979",
        "ident": null
      },
      {
        "date": "2019-03-14T00:00:00",
        "db": "BID",
        "id": "107418",
        "ident": null
      },
      {
        "date": "2019-05-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-003018",
        "ident": null
      },
      {
        "date": "2019-04-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-575",
        "ident": null
      },
      {
        "date": "2024-11-21T04:46:38.983000",
        "db": "NVD",
        "id": "CVE-2019-6536",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-575"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "LCDS LAquis SCADA Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "6957150b-ef62-4aad-a770-6439342094ff"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14979"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "Buffer error",
    "sources": [
      {
        "db": "IVD",
        "id": "6957150b-ef62-4aad-a770-6439342094ff"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-575"
      }
    ],
    "trust": 0.8
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.