Описание
Processing a specially crafted project file in LAquis SCADA 4.3.1.71 may trigger an out-of-bounds read, which may allow an attacker to obtain sensitive information. The attacker must have local access to the system. A CVSS v3 base score of 2.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:laquisscada:scada:4.3.1.71:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00145
Низкий
3.3 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125
CWE-125
Связанные уязвимости
CVSS3: 3.3
github
больше 3 лет назад
Processing a specially crafted project file in LAquis SCADA 4.3.1.71 may trigger an out-of-bounds read, which may allow an attacker to obtain sensitive information. The attacker must have local access to the system. A CVSS v3 base score of 2.5 has been calculated; the CVSS vector string is (AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
EPSS
Процентиль: 35%
0.00145
Низкий
3.3 Low
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-125
CWE-125