CVE-2017-6016

EUVD-2017-15084
An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA. The following versions are affected: Versions 4.1 and prior versions released before January 20, 2017. An Improper Access Control vulnerability has been identified, which may allow an authenticated user to modify application files to escalate privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Affected Products (NVD)
VendorProductVersion
leao_consultoria_e_desenvolvimento_de_sistemasltda_me_laquis_scada
𝑥
≤ 4.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/96942
https://ics-cert.us-cert.gov/advisories/ICSA-17-075-01
http://www.securityfocus.com/bid/96942
https://ics-cert.us-cert.gov/advisories/ICSA-17-075-01