ICSA-17-075-01

20 Mar 2017

[ICS] LAquis SCADA Advisory Access Control Vulnerability

ICS-CERT published an advisory on one of my reports recently -
https://ics-cert.us-cert.gov/advisories/ICSA-17-075-01

CVE-ID
CVE-2017-6016

Vendor: LCDS - Leão Consultoria e Desenvolvimento de Sistemas LTDA ME
Equipment: LAquis SCADA
Vulnerability: Improper Access Control

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-075-01

AFFECTED PRODUCTS

The following versions of LAquis SCADA, an industrial automation software, are affected:
LAquis SCADA software, Versions 4.1 and prior versions released before January 20, 2017.

Read on for details and poc.

Read more