LCDS LAquis SCADA do 4.3.1 privilege escalation

WpisedytowaćHistoryDiffjsonxmlCTI

Odkryto lukę w LCDS LAquis SCADA do 4.3.1 (SCADA Software). Podatnością dotknięta jest nieznana funkcja. Nie są znane żadne środki zaradcze. Sugerowana jest zamiana podatnego komponentu na produkt alternatywny.

Pole2020-05-05 08:262020-05-05 08:31
vendorLCDSLCDS
nameLAquis SCADALAquis SCADA
version<=4.3.1<=4.3.1
risk22
cvss2_vuldb_basescore6.86.8
cvss2_vuldb_tempscore6.86.8
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss3_meta_basescore6.56.5
cvss3_meta_tempscore6.56.5
cvss3_vuldb_basescore5.35.3
cvss3_vuldb_tempscore5.35.3
cvss3_vuldb_avLL
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiRR
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
date1588550400 (2020-05-04)1588550400 (2020-05-04)
price_0day$0-$5k$0-$5k
cveCVE-2020-10622CVE-2020-10622
seealso154707154707
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
cvss3_nvd_basescore7.87.8
typeSCADA Software
cwe020 (przekroczenie uprawnień)
cvss2_nvd_avN
cvss2_nvd_acM
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiP
cvss2_nvd_aiP
cvss3_nvd_avL
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiR
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cve_assigned1584316800
cve_nvd_summaryLCDS LAquis SCADA Versions 4.3.1 and prior. The affected product is vulnerable to arbitrary file creation by unauthorized users

Want to stay up to date on a daily basis?

Enable the mail alert feature now!