You are here

LCDS LAquis SCADA LQS File Parsing (ICSA-19-213-06) – Product Used in the Water and Wastewater and Energy Sectors

LCDS LAquis SCADA LQS File Parsing (ICSA-19-213-06) – Product Used in the Water and Wastewater and Energy Sectors

Created: Tuesday, August 6, 2019 - 10:59
Categories:
Cybersecurity

The NCCIC has released an advisory on out-of-bounds read and type confusion vulnerabilities in LCDS LAquis. SCADA 4.3.1.71 is affected. Successful exploitation of these vulnerabilities could allow an attacker to obtain confidential information or execute remote code. LCDS recommends users update to Version 4.3.1.323. The NCCIC also advises of a series of measures for mitigating the vulnerability. Read the advisory at CISA.