Medium
CVE 2019-10994
Processing a specially crafted project file may trigger an out-of-bounds read, which may allow an attacker to obtain sensitive information.
CVE 2019-10980
A type confusion vulnerability may be exploited when LAquis SCADA processes a specially crafted project file. This may allow an attacker to execute remote code.
LCDS—Leão Consultoria e Desenvolvimento de Sistemas LTDA ME
LAquis SCADA 4.3.1.71
LCDS recommends users update to Version 4.3.1.323.