var-201903-0180
Vulnerability from variot
Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker to execute remote code in the context of the current process. LCDS LAquis SCADA ELS File Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of ELS files. LCDS LAquis SCADA is a SCADA (Data Acquisition and Monitoring Control) system from LCDS, Brazil. The system is mainly used for data acquisition and process control of devices with communication technology. There is an out-of-bounds write vulnerability in LCDS LAquis SCADA. LAquis SCADA is prone to an arbitrary code-execution vulnerability. Failed attempts will likely cause a denial-of-service condition. LAquis SCADA 4.1.0.4150 is vulnerable; other versions may also be vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0180",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "laquis scada",
"scope": "eq",
"trust": 1.0,
"vendor": "lcds",
"version": "4.1.0.4150"
},
{
"model": "laquis scada",
"scope": "lt",
"trust": 0.8,
"vendor": "lcds",
"version": "4.3.1.71"
},
{
"model": "scada",
"scope": null,
"trust": 0.7,
"vendor": "laquis",
"version": null
},
{
"model": "laquis scada",
"scope": null,
"trust": 0.6,
"vendor": "lcds",
"version": null
},
{
"model": "le\u00e3o consultoria e desenvolvimento de sistemas ltda me laquis scada",
"scope": "eq",
"trust": 0.3,
"vendor": "lcds",
"version": "-4.1.0.4150"
},
{
"model": "le\u00e3o consultoria e desenvolvimento de sistemas ltda me laquis scada",
"scope": "ne",
"trust": 0.3,
"vendor": "lcds",
"version": "-4.3.1.71"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "laquis scada",
"version": "4.1.0.4150"
}
],
"sources": [
{
"db": "IVD",
"id": "6957150b-ef62-4aad-a770-6439342094ff"
},
{
"db": "ZDI",
"id": "ZDI-19-307"
},
{
"db": "CNVD",
"id": "CNVD-2019-14979"
},
{
"db": "BID",
"id": "107418"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003018"
},
{
"db": "NVD",
"id": "CVE-2019-6536"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:lcds:laquis_scada:4.1.0.4150:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6536"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mat Powell of Trend Micro Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-307"
}
],
"trust": 0.7
},
"cve": "CVE-2019-6536",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-6536",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-14979",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "6957150b-ef62-4aad-a770-6439342094ff",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-6536",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-6536",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "REQUIRED",
"vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-6536",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2019-6536",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2019-14979",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-575",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "6957150b-ef62-4aad-a770-6439342094ff",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "6957150b-ef62-4aad-a770-6439342094ff"
},
{
"db": "ZDI",
"id": "ZDI-19-307"
},
{
"db": "CNVD",
"id": "CNVD-2019-14979"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003018"
},
{
"db": "NVD",
"id": "CVE-2019-6536"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-575"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file may result in a write past the end of an allocated buffer, which may allow an attacker to execute remote code in the context of the current process. LCDS LAquis SCADA ELS File Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of ELS files. LCDS LAquis SCADA is a SCADA (Data Acquisition and Monitoring Control) system from LCDS, Brazil. The system is mainly used for data acquisition and process control of devices with communication technology. There is an out-of-bounds write vulnerability in LCDS LAquis SCADA. LAquis SCADA is prone to an arbitrary code-execution vulnerability. Failed attempts will likely cause a denial-of-service condition. \nLAquis SCADA 4.1.0.4150 is vulnerable; other versions may also be vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6536"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003018"
},
{
"db": "ZDI",
"id": "ZDI-19-307"
},
{
"db": "CNVD",
"id": "CNVD-2019-14979"
},
{
"db": "BID",
"id": "107418"
},
{
"db": "IVD",
"id": "6957150b-ef62-4aad-a770-6439342094ff"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-6536",
"trust": 4.2
},
{
"db": "ICS CERT",
"id": "ICSA-19-073-01",
"trust": 3.3
},
{
"db": "ZDI",
"id": "ZDI-19-307",
"trust": 2.3
},
{
"db": "BID",
"id": "107418",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2019-14979",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201903-575",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003018",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-7374",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.0846",
"trust": 0.6
},
{
"db": "IVD",
"id": "6957150B-EF62-4AAD-A770-6439342094FF",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "6957150b-ef62-4aad-a770-6439342094ff"
},
{
"db": "ZDI",
"id": "ZDI-19-307"
},
{
"db": "CNVD",
"id": "CNVD-2019-14979"
},
{
"db": "BID",
"id": "107418"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003018"
},
{
"db": "NVD",
"id": "CVE-2019-6536"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-575"
}
]
},
"id": "VAR-201903-0180",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "6957150b-ef62-4aad-a770-6439342094ff"
},
{
"db": "CNVD",
"id": "CNVD-2019-14979"
}
],
"trust": 1.4364672
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "6957150b-ef62-4aad-a770-6439342094ff"
},
{
"db": "CNVD",
"id": "CNVD-2019-14979"
}
]
},
"last_update_date": "2023-12-18T13:48:01.483000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://laquisscada.com/"
},
{
"title": "LAquis has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-073-01"
},
{
"title": "Patch for LCDS LAquis SCADA Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/161905"
},
{
"title": "LCDS LAquis SCADA Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=90161"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-307"
},
{
"db": "CNVD",
"id": "CNVD-2019-14979"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003018"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-575"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003018"
},
{
"db": "NVD",
"id": "CVE-2019-6536"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-073-01"
},
{
"trust": 1.6,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-307/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6536"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6536"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/77214"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/107418"
},
{
"trust": 0.3,
"url": "http://laquisscada.com/instale1.php"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-307"
},
{
"db": "CNVD",
"id": "CNVD-2019-14979"
},
{
"db": "BID",
"id": "107418"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003018"
},
{
"db": "NVD",
"id": "CVE-2019-6536"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-575"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "6957150b-ef62-4aad-a770-6439342094ff"
},
{
"db": "ZDI",
"id": "ZDI-19-307"
},
{
"db": "CNVD",
"id": "CNVD-2019-14979"
},
{
"db": "BID",
"id": "107418"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003018"
},
{
"db": "NVD",
"id": "CVE-2019-6536"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-575"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-05-22T00:00:00",
"db": "IVD",
"id": "6957150b-ef62-4aad-a770-6439342094ff"
},
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-307"
},
{
"date": "2019-05-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-14979"
},
{
"date": "2019-03-14T00:00:00",
"db": "BID",
"id": "107418"
},
{
"date": "2019-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003018"
},
{
"date": "2019-03-27T16:29:00.780000",
"db": "NVD",
"id": "CVE-2019-6536"
},
{
"date": "2019-03-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-575"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-02T00:00:00",
"db": "ZDI",
"id": "ZDI-19-307"
},
{
"date": "2019-05-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-14979"
},
{
"date": "2019-03-14T00:00:00",
"db": "BID",
"id": "107418"
},
{
"date": "2019-05-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003018"
},
{
"date": "2019-04-02T16:29:00.623000",
"db": "NVD",
"id": "CVE-2019-6536"
},
{
"date": "2019-04-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-575"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-575"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "LCDS LAquis SCADA Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "6957150b-ef62-4aad-a770-6439342094ff"
},
{
"db": "CNVD",
"id": "CNVD-2019-14979"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "6957150b-ef62-4aad-a770-6439342094ff"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-575"
}
],
"trust": 0.8
}
}
Loading...