N/A

LAquis SCADA Versions 4.1.0.3870 and prior, when processing project files the application fails to sanitize user input prior to performing write operations on a stack object, which may allow an attacker to execute code under the current process.

N/A

跨界内存写

LAquis SCADA 安全漏洞

LAquis SCADA是一套用于监控和数据采集的SCADA软件。 LAquis SCADA 4.1.0.3870及之前版本中存在安全漏洞，该漏洞源于在对栈对象执行写入操作之前，程序没有过滤用户输入。远程攻击者可利用该漏洞在当前进程的上下文中执行代码。

N/A

N/A