Vulnerability Description
Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sielcosistemi | Winlog Lite | <= 2.07.14 |
| Sielcosistemi | Winlog Pro | <= 2.07.14 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.htmlExploit
- http://secunia.com/advisories/49395Vendor Advisory
- http://securitytracker.com/id?1027128
- http://www.osvdb.org/82654
- http://www.s3cur1ty.de/m1adv2012-001Exploit
- http://www.securityfocus.com/bid/53811Exploit
- http://www.sielcosistemi.com/en/news/index.html?id=69
- http://www.sielcosistemi.com/en/news/index.html?id=70
- http://www.us-cert.gov/control_systems/pdf/ICSA-12-213-01.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76060
- http://archives.neohapsis.com/archives/bugtraq/2012-06/0009.htmlExploit
- http://secunia.com/advisories/49395Vendor Advisory
- http://securitytracker.com/id?1027128
- http://www.osvdb.org/82654
- http://www.s3cur1ty.de/m1adv2012-001Exploit
FAQ
What is CVE-2012-3815?
CVE-2012-3815 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port...
How severe is CVE-2012-3815?
CVE-2012-3815 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-3815?
Check the references section above for vendor advisories and patch information. Affected products include: Sielcosistemi Winlog Lite, Sielcosistemi Winlog Pro.