CISA has published an advisory on exposure of sensitive information to an unauthorized actor and improper input validation vulnerabilities in LCDS LAquis SCADA. Versions 4.3.1 and prior are affected. Successful exploitation of these vulnerabilities could allow unauthorized attackers to view sensitive information and create files in arbitrary locations. LCDS recommends users update to the latest version of LAquis SCADA. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.